Alternatives and similar repositories for vulnerabilities

Users that are interested in vulnerabilities are comparing it to the libraries listed below

• MrTuxracer / advisories
  Security Advisories
  ☆34Updated 3 weeks ago
• shabarkin / CodeAllTheThings
  A list of threat sinks used in the manual security source code review for application security
  ☆73Updated 2 years ago
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆32Updated 2 years ago
• trickest / enumerepo
  List all public repositories for (valid) GitHub usernames
  ☆76Updated 2 years ago
• justmorpheus / burp-automation
  Performing automated scan using Burp Suite Pro & Vmware Burp Rest API
  ☆52Updated 3 years ago
• dwisiswant0 / ngocok
  ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok.
  ☆114Updated last year
• trickest / safe-harbour
  security.txt collection of most popular world-wide domains
  ☆54Updated 2 years ago
• elamaran619 / hackerone_wordlist
  The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
  ☆59Updated 5 years ago
• hahwul / RegexPassive
  🔭 Collection of regexp pattern for security passive scanning
  ☆117Updated 2 years ago
• trickest / recon-and-vulnerability-scanner-template
  Create your own recon & vulnerability scanner with Trickest and GitHub
  ☆48Updated 2 years ago
• trickest / trickest-cli
  Execute Trickest workflows right from your terminal
  ☆94Updated last week
• pentesterland / Log4Shell
  ☆73Updated 3 years ago
• HarshVaragiya / sslsearch
  Hunt SSL Certificates for interesting keywords on major cloud service providers / internet
  ☆40Updated last week
• stefan2200 / aparoid
  Static and dynamic Android application security analysis
  ☆74Updated last year
• projectdiscovery / php-app-race-condition
  Vulnerable demo application for the race condition
  ☆22Updated 4 years ago
• The-Login / DNS-Analyzer
  A Burp Suite extension for finding DNS vulnerabilities in web applications!
  ☆94Updated 2 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago
• bot8080 / awesomeBugbounty
  ☆49Updated 5 years ago
• mobb-dev / bugsy
  ☆60Updated this week
• defparam / haptyc
  ☆95Updated 4 years ago
• righettod / website-passive-reconnaissance
  Script to automate, when possible, the passive reconnaissance performed on a website prior to an assessment.
  ☆38Updated last month
• Th0h0 / autopoisoner
  Web cache poisoning vulnerability scanner.
  ☆72Updated 3 years ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆66Updated last year
• doyensec / confuser
  Dependency Confusion Security Testing Tool
  ☆51Updated 3 years ago
• jorritfolmer / vulnerable-api
  Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops
  ☆44Updated last year
• osmedeus / osmedeus-workflow
  Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
  ☆76Updated last year
• gwen001 / favicon-hashtrick
  Python script implementing the favicon hash trick to find subdomains.
  ☆37Updated 2 years ago
• amalmurali47 / swagroutes
  swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
  ☆61Updated 2 years ago
• roottusk / xforwardy
  Host Header Injection Scanner
  ☆48Updated 5 years ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆81Updated 2 years ago