☆219Mar 25, 2022Updated 4 years ago
Alternatives and similar repositories for vulnerable-apps
Users that are interested in vulnerable-apps are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 一些漏洞场景的还原,基于https://www.exploit-db.com/☆37Feb 7, 2018Updated 8 years ago
- PoC for CVE-2018-1002105.☆222Dec 21, 2018Updated 7 years ago
- CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13☆65Oct 26, 2019Updated 6 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible☆33May 3, 2024Updated last year
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- Contents for Node.Js Security Course☆345Nov 16, 2020Updated 5 years ago
- Docker container for datasploit framework☆25Aug 3, 2017Updated 8 years ago
- Damn Vulnerable Node Application☆20Dec 22, 2015Updated 10 years ago
- JRE8u20_RCE_Gadget☆255Jul 1, 2016Updated 9 years ago
- Proof of concept showing how to exploit the CVE-2018-11759☆40Dec 11, 2018Updated 7 years ago
- Burp Commander written in Go☆56Feb 11, 2019Updated 7 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆124Jan 9, 2018Updated 8 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- Ansible module for OWASP ZAP using Python API to scan web targets for security issues☆15Dec 3, 2017Updated 8 years ago
- Vulnerability Labs for security analysis☆1,170Mar 10, 2021Updated 5 years ago
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- 一个半自动化命令注入漏洞Fuzz工具(One Semi-automation command injection vulnerability Fuzz tool)☆92Sep 28, 2017Updated 8 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- A Pythonic wrapper to MassDNS☆24Mar 21, 2018Updated 8 years ago
- WEB SERVICE SECURITY ASSESSMENT TOOL☆390Sep 24, 2021Updated 4 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- Git All the Payloads! A collection of web attack payloads.☆3,919May 15, 2023Updated 2 years ago
- CORS checking☆34Jul 16, 2018Updated 7 years ago
- ☆146Jun 20, 2018Updated 7 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 9 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- CVE-2018-6546-Exploit☆41Apr 15, 2018Updated 7 years ago
- ☆162Dec 7, 2017Updated 8 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- 浏览器用户全部信息收集js☆167Oct 27, 2015Updated 10 years ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,907Sep 27, 2021Updated 4 years ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (…☆316Apr 1, 2019Updated 6 years ago
- ☆35Nov 3, 2019Updated 6 years ago
- CVE-2018-3191 反弹shell☆16Oct 23, 2018Updated 7 years ago
- All Day DevOps - Automated Infrastructure Security Monitoring and Defence (ELK + AWS Lambda)☆25Dec 7, 2016Updated 9 years ago
- DirBuster for Node.js☆20Mar 21, 2019Updated 7 years ago