oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning
☆75Dec 5, 2024Updated last year
Alternatives and similar repositories for oauth-labs
Users that are interested in oauth-labs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆15Dec 28, 2024Updated last year
- A list for Spring Security☆130Jan 16, 2024Updated 2 years ago
- A Shodan-based tool to discover publicly exposed Ollama instances and list available LLM models.☆22May 27, 2025Updated last year
- A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.☆14Oct 18, 2023Updated 2 years ago
- ☆34Sep 19, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- golang写的批量对目标网站进行截图的小工具, 适合目标资产比较多时,快速定位薄弱点。☆32Oct 14, 2022Updated 3 years ago
- common methods that used by my burp extension projects☆52Apr 12, 2024Updated 2 years ago
- A rapid HTTP downgrade smuggling scanner written in Go.☆313May 16, 2024Updated 2 years ago
- JDBC Attack Tricks☆154Sep 3, 2023Updated 2 years ago
- cve-2022-34169 延伸出的Jdk Xalan的payload自动生成工具,可根据不同的Jdk生成出其所对应的xslt文件☆94Jan 17, 2023Updated 3 years ago
- 一款辅助探测Orderby注入漏洞的BurpSuite插件☆25Oct 19, 2021Updated 4 years ago
- DLP and Firewall test suite☆16Dec 9, 2022Updated 3 years ago
- ☆10Jul 21, 2022Updated 3 years ago
- Thymeleaf SSTI Bypass☆13Nov 24, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆91Sep 20, 2024Updated last year
- 用于解决渗透测试加解密的难题,让你的burp像测试明文这么简单☆85Aug 10, 2025Updated 10 months ago
- HiddenDomainHunter☆20Apr 15, 2023Updated 3 years ago
- 资产测绘输出xlsx表格☆14Sep 10, 2024Updated last year
- Piper Burp Suite Extender plugin☆17Jan 15, 2026Updated 5 months ago
- 子域名爆破,增加了智能爬虫功能☆70Mar 22, 2024Updated 2 years ago
- 一个基于Codeql规则的go靶场☆41Feb 19, 2025Updated last year
- Spel-research☆26Jun 21, 2022Updated 4 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆161Mar 31, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- NoBlindi is a command-line tool for exploiting blind NoSQL injection vulnerabilities to recover passwords in web applications.☆29Nov 12, 2023Updated 2 years ago
- ☆12Jan 28, 2023Updated 3 years ago
- 用友的一些反序列化链子以及1day,二开了狼组的YongYouNcTool,改了一下逻辑以及poc☆132Oct 12, 2024Updated last year
- WannaCry_HTA 是一个基于 HTA(HTML Application)技术开发的高度仿真 WannaCry 勒索病毒界面模拟程序。该项目简单、完全可控,专为安全研究、应急演练和安全教育场景设计。界面UI参考zR00t1师傅项目编写。☆24Aug 13, 2025Updated 10 months ago
- 致远OA利用工具☆27Jul 15, 2023Updated 2 years ago
- ☆12Jul 13, 2023Updated 2 years ago
- ☆44Sep 8, 2025Updated 10 months ago
- 修改Bug后的ParamSpider,方便各位师傅使用☆13Nov 13, 2024Updated last year
- A project demonstrating an app that is vulnerable to Spring Security authorization bypass CVE-2022-31692☆35Nov 7, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- 用友漏洞批量检测☆93Mar 26, 2024Updated 2 years ago
- SpecOps is a Burp Suite extension that ingests an OpenAPI or Swagger spec and instantly builds a workbench to test every documented endpo…☆32Jun 18, 2026Updated 3 weeks ago
- 一个高价值漏洞采集与推送服务 | A valueable vulnerability collection and push service☆31Sep 24, 2024Updated last year
- gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)☆256Jun 13, 2026Updated 3 weeks ago
- CVE-2022-24112:Apache APISIX apisix/batch-requests RCE☆43Feb 22, 2022Updated 4 years ago
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆21Jul 1, 2026Updated last week
- jre8u20 gadget☆34May 23, 2021Updated 5 years ago