oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning
☆75Dec 5, 2024Updated last year
Alternatives and similar repositories for oauth-labs
Users that are interested in oauth-labs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆14Dec 28, 2024Updated last year
- A list for Spring Security☆128Jan 16, 2024Updated 2 years ago
- A Shodan-based tool to discover publicly exposed Ollama instances and list available LLM models.☆21May 27, 2025Updated 10 months ago
- A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.☆14Oct 18, 2023Updated 2 years ago
- ☆34Sep 19, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- golang写的批量对目标网站进行截图的小工具,适合目�标资产比较多时,快速定位薄弱点。☆33Oct 14, 2022Updated 3 years ago
- common methods that used by my burp extension projects☆52Apr 12, 2024Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated last year
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆93Jan 17, 2023Updated 3 years ago
- DLP and Firewall test suite☆15Dec 9, 2022Updated 3 years ago
- 一款辅助探测Orderby注入漏洞的BurpSuite插件☆25Oct 19, 2021Updated 4 years ago
- ☆10Jul 21, 2022Updated 3 years ago
- Thymeleaf SSTI Bypass☆13Nov 24, 2021Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆88Sep 20, 2024Updated last year
- 用于解决渗透测试加解密的难题,让你的burp像测试明文这么简单☆84Aug 10, 2025Updated 8 months ago
- HiddenDomainHunter☆20Apr 15, 2023Updated 3 years ago
- 资产测绘输出xlsx表格☆14Sep 10, 2024Updated last year
- Piper Burp Suite Extender plugin☆16Jan 15, 2026Updated 3 months ago
- 子域名爆破,增加了智能爬虫功能☆70Mar 22, 2024Updated 2 years ago
- Spel-research☆26Jun 21, 2022Updated 3 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆158Mar 31, 2025Updated last year
- 一个基于Codeql规则的go靶场☆41Feb 19, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.☆28Nov 12, 2023Updated 2 years ago
- 用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc☆126Oct 12, 2024Updated last year
- ☆12Jan 28, 2023Updated 3 years ago
- WannaCry_HTA 是一个基于 HTA(HTML Application)技术开发的高度仿真 WannaCry 勒索病毒界面模拟程序。该项目简单、完全可控,专为安全研究、应急演练和安全教育场景设计。界面UI参考zR00t1师傅项目编写。☆25Aug 13, 2025Updated 8 months ago
- 致远OA利用工具☆26Jul 15, 2023Updated 2 years ago
- ☆12Jul 13, 2023Updated 2 years ago
- ☆43Sep 8, 2025Updated 7 months ago
- Instantly suspend processes to bypass kernel driver protections.☆21Dec 10, 2024Updated last year
- 修改Bug后的ParamSpider,方便各位师傅使用☆13Nov 13, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692☆35Nov 7, 2022Updated 3 years ago
- Wax is a mediocre fuzzer I'm prototyping to test some ideas and get rid of others.☆17Jul 12, 2018Updated 7 years ago
- 用友漏洞批量检测☆95Mar 26, 2024Updated 2 years ago
- SpecOps is a Burp Suite extension that ingests an OpenAPI or Swagger spec and instantly builds a workbench to test every documented endpo…☆32Mar 27, 2026Updated 3 weeks ago
- 一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service☆31Sep 24, 2024Updated last year
- CVE-2022-24112:Apache APISIX apisix/batch-requests RCE☆44Feb 22, 2022Updated 4 years ago
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆19Updated this week