Alternatives and similar repositories for oauth-labs

Users that are interested in oauth-labs are comparing it to the libraries listed below

• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆65Updated last year
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆79Updated 2 years ago
• codewhitesec / HttpRemotingObjRefLeak
  Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)
  ☆90Updated last year
• snyk / socketsleuth
  Burp Extension to add additional functionality for pentesting websocket based applications
  ☆99Updated last month
• projectdiscovery / nuclei-templates-labs
  Vulnerable environments paired with ready-to-use Nuclei templates for security testing and learning! 🚀
  ☆120Updated 2 months ago
• doyensec / Prototype-Pollution-Gadgets-Finder
  ☆89Updated last year
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆174Updated 11 months ago
• BishopFox / ysoserial-bf
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆29Updated last year
• Moopinger / smugglefuzz
  A rapid HTTP downgrade smuggling scanner written in Go.
  ☆306Updated last year
• cve-sandbox / jquery-ui
  CVE Collection of jQuery UI XSS Payloads
  ☆118Updated 2 years ago
• synfron / ReshaperForBurp
  Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
  ☆104Updated 11 months ago
• dbrwsky / Nuclei-BurpExtension
  Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
  ☆119Updated 2 years ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆62Updated 4 months ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆54Updated 3 weeks ago
• nxenon / grpc-pentest-suite
  gRPC-Web Pentesting Suite + Burp Suite Extension / Hack gRPC-Web Applications (Official BApp Extension Available)
  ☆235Updated 3 weeks ago
• PortSwigger / server-side-prototype-pollution
  ☆39Updated 2 years ago
• 0xAwali / Blind-SSRF
  Nuclei Templates to reproduce Cracking the lens's Research
  ☆127Updated 3 years ago
• wdahlenburg / interactsh-collaborator
  Burpsuite plugin for Interact.sh
  ☆227Updated last year
• pascal-sun / file-upload
  Catalogue de payloads destinés au téléversement de fichiers. Il s'agit d'un ensemble de plusieurs fichiers contenant du code malveillant …
  ☆41Updated last year
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• PortSwigger / pentest-mapper
  A Burp Suite Extension for Application Penetration Testing to map flows and vulnerabilities
  ☆120Updated last year
• PortSwigger / auth-analyzer
  ☆107Updated last year
• PortSwigger / splitting-the-email-atom
  ☆85Updated 3 months ago
• hackvertor / shadow-repeater
  ☆41Updated 4 months ago
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆105Updated 4 months ago
• minamo7sen / burp-JS-Miner
  This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.
  ☆56Updated 2 years ago
• fcavallarin / burp-dom-scanner
  Burp Suite's extension to scan and crawl Single Page Applications
  ☆105Updated 2 years ago
• c53elyas / CVE-2023-33733
  CVE-2023-33733 reportlab RCE
  ☆118Updated 2 years ago
• cyberaz0r / Burp-IISTildeEnumerationScanner
  Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability
  ☆61Updated 2 years ago
• zzzteph / probable_subdomains
  Subdomains analysis and generation tool. Reveal the hidden!
  ☆243Updated 4 months ago