abigailajohn / VVMALinks
Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It includes vulnerabilities from the OWASP Top 10 API, allowing learners, security professionals, and developers to explore and understand common API security flaws.
☆69Updated 8 months ago
Alternatives and similar repositories for VVMA
Users that are interested in VVMA are comparing it to the libraries listed below
Sorting:
- Scripts, files, cheatsheets and more used for pentesting and my OSWE / AWAE exam.☆103Updated last week
- Damn Vulnerable API☆86Updated 4 months ago
- The repository contains useful GitHub dorks for finding open-source vulnerabilities.☆92Updated last year
- Find CVEs associated to Linux and public exploits on github☆119Updated 10 months ago
- Frogy 2.0 is an automated external reconnaissance and Attack Surface Management (ASM) toolkit☆331Updated 3 months ago
- A OWASP Based Checklist With 80+ Test Cases☆155Updated 3 years ago
- A deliberately vulnerable mobile banking application designed for practicing mobile security testing. Features common vulnerabilities fou…☆78Updated 2 months ago
- This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.☆122Updated last year
- INE eCPPTv3 Cheat Sheet / Course Notes. You'll find my comprehensive course notes, which also serve as cheat sheets for the eCPPTv3 cours…☆63Updated 5 months ago
- PAYGoat is a banking application built for educational purposes, focused on exploring and understanding common business logic flaws in fi…☆185Updated last month
- ☆54Updated 2 years ago
- ☆58Updated 4 months ago
- GarudRecon automates domain recon with top open-source tools to discover assets, enumerate subdomains, and detect XSS, SQLi, LFI, RCE & m…☆192Updated 2 weeks ago
- AI for Ethical Hacking - Workshop☆249Updated 2 months ago
- IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applicatio…☆218Updated 4 months ago
- Web Application Penetration Testing☆146Updated 9 months ago
- Bug Bounty Web and API Payloads☆39Updated this week
- ☆244Updated last year
- ☆69Updated 3 years ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆142Updated 3 years ago
- INE Training Notes☆55Updated 10 months ago
- A fully automated subdomain reconnaissance and sensitive data discovery toolkit.☆46Updated 7 months ago
- ⚡ XSSuccessor is a powerful, asynchronous Cross-Site Scripting (XSS) detection tool.☆55Updated last year
- Since the SecOps Group has offered free certification to Certified Appsec Practitioner I will be creating notes here. I will be working o…☆78Updated 2 years ago
- API Pentesting Tools are specialized security tools used to test and analyze the security of Application Programming Interfaces (APIs).☆231Updated 2 weeks ago
- List of tools and resources for pentesting Microsoft Active Directory☆114Updated 7 months ago
- A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure cod…☆558Updated 2 months ago
- A powerful Burp Suite extension that imports Postman collections☆31Updated 6 months ago
- OSCP Cheatsheet by Sai Sathvik☆85Updated 2 years ago
- ☆96Updated 10 months ago