Very Vulnerable Management API (VVMA) is a deliberately insecure RESTful API built with Node.js for educational and testing purposes. It includes vulnerabilities from the OWASP Top 10 API, allowing learners, security professionals, and developers to explore and understand common API security flaws.
☆71Jun 5, 2025Updated 11 months ago
Alternatives and similar repositories for VVMA
Users that are interested in VVMA are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- HackList: Your go-to AI-powered guide to hands-on cybersecurity learning!☆23Jul 6, 2025Updated 10 months ago
- Penstaller: A Python tool to automate the installation of essential bug bounty and pentesting tools. With one command, it sets up tools f…☆18Mar 14, 2025Updated last year
- HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains.…☆21Dec 29, 2023Updated 2 years ago
- This is my personal repo, which includes bug bounty tips, a collection of tools, one-liners, and other resources I personally prefer whil…☆68Apr 25, 2025Updated last year
- Comprehensive AWS cloud reconnaissance and privilege escalation toolkit written in Python. Features IAM, EC2, S3, Lambda, ECS, Secrets Ma…☆50Jul 8, 2025Updated 10 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- This is a Python script that generates a staged payload that fully bypasses MS Defender. Can potentially be used for EDRs with some custo…☆81Mar 31, 2026Updated last month
- SAST and DAST Scan Supported with 400 plus rules available for secrets and allow you add your own wordlist as well. lightweight source c…☆113Apr 26, 2026Updated last month
- A cross-platform desktop application for HTTP/HTTPS traffic interception and analysis, built with Go. Features modern UI, traffic manipul…☆222Apr 28, 2025Updated last year
- DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will auto…☆14Apr 2, 2026Updated last month
- A deliberately vulnerable banking application designed for practicing Security Testing of Web App, APIs, AI integrated App and secure cod…☆726May 5, 2026Updated 3 weeks ago
- This is an advanced ASMI bypass that is currently undetected by Windows Defender and all the Antivirus software's on virustotal.☆25Jun 10, 2025Updated 11 months ago
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆51Jun 16, 2025Updated 11 months ago
- Azure AD (Entra ID) enumeration tool. Find related domains and tenant information in a simple way.☆35Oct 4, 2024Updated last year
- Google Dork Scanner for Google Chrome Extension☆17May 10, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Proxll is a tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆41Oct 8, 2024Updated last year
- CyberPreacher cloud project collection☆16Dec 21, 2025Updated 5 months ago
- ☆102Apr 4, 2025Updated last year
- My notes containing the Certified Red Team Professional Course☆74Sep 7, 2024Updated last year
- You can gather useful information accounts by username across all types networks ( which also include social media)☆29Oct 19, 2023Updated 2 years ago
- My notes while studying for the PNPT from TCM Security.☆83Mar 30, 2024Updated 2 years ago
- ☆80Apr 28, 2025Updated last year
- CTF Helper is a powerful, modular Command Line Interface (CLI) tool designed for Capture The Flag (CTF) competitions and cybersecurity ta…☆34May 15, 2026Updated 2 weeks ago
- Research into Undocumented Behavior of Azure AD Refresh Tokens☆13Oct 27, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆11Sep 15, 2024Updated last year
- ☆53Mar 13, 2025Updated last year
- free5GC official site☆15May 20, 2026Updated last week
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…☆27Jun 19, 2024Updated last year
- An Android app to easily manage Frida server on your device or emulator☆121Jan 3, 2026Updated 4 months ago
- Collection of Notes and CheatSheets used for Red teaming Certs☆499Feb 13, 2023Updated 3 years ago
- crack and generate jwt with ease☆23Mar 23, 2025Updated last year
- When Your Vision Reaches Beyond IAM Boundary Scope in AWS Cloud☆46Dec 7, 2025Updated 5 months ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- This tool is designed to seamlessly convert Postman collections into OpenAPI schemas. This conversion is essential for API security testi…☆12Sep 3, 2024Updated last year
- 🔍 erroreyes – Lightweight Subdomain Enumeration Tool A Python-based tool that queries crt.sh certificate logs to discover subdomains ass…☆16May 8, 2025Updated last year
- Web Crawler for Identifying Entry Points☆11Mar 26, 2024Updated 2 years ago
- JSON API for ExploitDB Website☆17Jan 11, 2015Updated 11 years ago
- Have you ever wanted to search a link or IP address on multiple OSINT pages at once?☆63Jul 7, 2025Updated 10 months ago
- This project automates SOC workflows using Wazuh, Shuffle, and TheHive. It involves setting up a Windows 10 client with Sysmon and Ubuntu…☆41Jun 7, 2024Updated last year
- 🚧 Bypass Android SSL Pinning with ProxyMan and Frida☆32Aug 1, 2024Updated last year