appsecco / dvna
Damn Vulnerable NodeJS Application
☆714Updated 9 months ago
Alternatives and similar repositories for dvna:
Users that are interested in dvna are comparing it to the libraries listed below
- Automatically exported from code.google.com/p/domxsswiki☆517Updated 6 years ago
- A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of se…☆456Updated 4 months ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆875Updated 2 months ago
- Delightful Node.js packages useful for penetration testing, exploiting, reverse engineer, cryptography ...☆420Updated 3 years ago
- Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF☆413Updated 2 months ago
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API re…☆461Updated 3 months ago
- Repository for hosting my research papers☆505Updated 9 months ago
- ☆795Updated last year
- Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.☆732Updated 2 years ago
- Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem☆643Updated 3 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆522Updated last year
- Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.☆594Updated 2 years ago
- Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)☆448Updated 5 years ago
- Repo for all the OWASP-SKF Docker lab examples☆444Updated 5 months ago
- Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.☆460Updated 2 years ago
- A curated list of vulnerable web applications.☆277Updated last year
- Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.☆1,225Updated 8 months ago
- XSS payloads designed to turn alert(1) into P1☆1,350Updated last year
- Finds unknown classes of injection vulnerabilities☆643Updated last year
- Multi Tool Subdomain Enumeration☆722Updated 3 years ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆522Updated 6 years ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,235Updated 3 years ago
- Find AWS S3 buckets and test their permissions.☆371Updated last year
- Content discovery wordlists generated using BigQuery☆562Updated 4 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆412Updated 4 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆412Updated 2 months ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆864Updated last week
- Antora/Asciidoc content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"☆224Updated 3 weeks ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆307Updated 9 months ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆684Updated last year