cyllective / oauth-labsLinks
oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning
☆70Updated 8 months ago
Alternatives and similar repositories for oauth-labs
Users that are interested in oauth-labs are comparing it to the libraries listed below
Sorting:
- Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.☆65Updated last year
- ☆88Updated last year
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆89Updated last year
- Vulnerable environments paired with ready-to-use Nuclei templates for security testing and learning! 🚀☆103Updated last week
- Improve automated and semi-automated active scanning in Burp Pro☆61Updated 2 months ago
- ☆100Updated last year
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆29Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆174Updated 9 months ago
- Burp Suite's extension to scan and crawl Single Page Applications☆105Updated 2 years ago
- Burp Extension to add additional functionality for pentesting websocket based applications☆97Updated last year
- ☆37Updated last month
- Utility for creating ZipSlip archives☆74Updated 2 years ago
- Nuclei Templates to reproduce Cracking the lens's Research☆127Updated 3 years ago
- gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications☆228Updated 5 months ago
- CVE Collection of jQuery UI XSS Payloads☆119Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆303Updated last year
- An extension to use Semgrep inside Burp Suite.☆89Updated 2 months ago
- Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules☆102Updated 8 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆88Updated last year
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆56Updated 2 years ago
- Advanced SQL Injection Techniques for Bug Bounty Hunters☆71Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆60Updated 2 years ago
- Subdomains analysis and generation tool. Reveal the hidden!☆241Updated 2 months ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆120Updated 2 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆51Updated 3 months ago
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Updated 4 years ago
- Repository to store exploits created by Assetnotes Security Research team☆180Updated last year
- A better way of querying certificate transparency logs☆87Updated 4 months ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆101Updated last month
- CVE-2023-33733 reportlab RCE☆119Updated last year