Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It includes vulnerabilities from the OWASP Top 10 API, allowing learners, security professionals, and developers to explore and understand common API security flaws.
☆70Jun 5, 2025Updated 10 months ago
Alternatives and similar repositories for VVMA
Users that are interested in VVMA are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A deliberately vulnerable mobile banking application designed for practicing mobile security testing. Features common vulnerabilities fou…☆86Nov 25, 2025Updated 4 months ago
- Penstaller: A Python tool to automate the installation of essential bug bounty and pentesting tools. With one command, it sets up tools f…☆17Mar 14, 2025Updated last year
- HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains.…☆21Dec 29, 2023Updated 2 years ago
- This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer whil…☆67Apr 25, 2025Updated 11 months ago
- Learn how to intercept flutter apps☆25Jan 19, 2024Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆111Aug 21, 2025Updated 7 months ago
- A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure cod…☆680Mar 25, 2026Updated 3 weeks ago
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆51Jun 16, 2025Updated 10 months ago
- A modern tool written in python for hunting open redirection☆29Aug 8, 2023Updated 2 years ago
- Azure AD (Entra ID) enumeration tool. Find related domains and tenant information in a simple way.☆35Oct 4, 2024Updated last year
- Google Dork Scanner for Google Chrome Extension☆17May 10, 2025Updated 11 months ago
- Proxll is a tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆41Oct 8, 2024Updated last year
- CyberPreacher cloud project collection☆16Dec 21, 2025Updated 3 months ago
- ☆102Apr 4, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- My notes containing the Certified Red Team Professional Course☆73Sep 7, 2024Updated last year
- You can gather useful information accounts by username across all types networks ( which also include social media)☆29Oct 19, 2023Updated 2 years ago
- ☆82Apr 28, 2025Updated 11 months ago
- This project documents my hands-on journey in learning and conducting internal Active Directory (AD) penetration testing. The exercises s…☆16Apr 19, 2025Updated last year
- ☆11Sep 15, 2024Updated last year
- ☆49Mar 13, 2025Updated last year
- ☆12Mar 8, 2025Updated last year
- free5GC official site☆15Apr 9, 2026Updated last week
- ☆12Dec 6, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Collection of Notes and CheatSheets used for Red teaming Certs☆498Feb 13, 2023Updated 3 years ago
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud☆45Dec 7, 2025Updated 4 months ago
- OCR KTP Indonesia - Fast API Python☆18Apr 28, 2024Updated last year
- Defcon 28 - Red Team Village - Applied Purple Teaming - Why Can't We Be Friends☆26Aug 9, 2020Updated 5 years ago
- A simple (scraper) tool for remove background on image☆12Mar 8, 2022Updated 4 years ago
- JSON API for ExploitDB Website☆17Jan 11, 2015Updated 11 years ago
- Web Crawler for Identifying Entry Points☆11Mar 26, 2024Updated 2 years ago
- Deliberately insecure Kubernetes test clusters built using kind☆13Aug 16, 2019Updated 6 years ago
- 🚧 Bypass Android SSL Pinning with ProxyMan and Frida☆32Aug 1, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 🌍 My website☆10Nov 23, 2025Updated 4 months ago
- No more View Once because i'm tired of it☆18Nov 20, 2024Updated last year
- ☆47Mar 7, 2025Updated last year
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 9 months ago
- This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu…☆38Jun 7, 2024Updated last year
- Browser-based Android security auditing tool.☆71Mar 29, 2026Updated 3 weeks ago
- Wayfiles is a tool designed to search for juicy files and URLs within a folder/file with results of tools like gau, waymore, waybackurls,…☆16Feb 22, 2026Updated last month