dbohannon / MEANBugLinks
An invoice management application built on the MEAN stack with intentional vulnerabilities used to demonstrate insecure configurations and missing or insufficient security controls.
☆16Updated 5 years ago
Alternatives and similar repositories for MEANBug
Users that are interested in MEANBug are comparing it to the libraries listed below
Sorting:
- Security Payload Unit Test Repository (SPUTR)☆86Updated 2 years ago
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 6 years ago
- Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulne…☆31Updated 2 years ago
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 4 years ago
- A repository for GraphQL Extension for Burp Suite☆57Updated 6 years ago
- This repo gives an overview of some GCP metadata API attack and defend patterns☆77Updated 5 years ago
- ☆12Updated 8 years ago
- Actarus is a custom tool for bug bounty☆77Updated 5 years ago
- Microsoft Excel spreadsheets for consistent security evaluation of Android and iOS mobile applications☆50Updated 10 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆114Updated 6 years ago
- A modular bug hunting and web application pentesting framework written in Go☆57Updated 3 years ago
- ☆16Updated 6 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Updated 6 years ago
- vulnerable single sign on☆148Updated last year
- Web Application Security☆128Updated last year
- All-in-one AWS S3 bucket tool for pentesters.☆74Updated 6 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 6 years ago
- This repository contains an example Python API that is vulnerable to several different web API attacks.☆27Updated 6 years ago
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆67Updated 5 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆106Updated last year
- Vendor-Neutral Security Tool Automation Controller (over REST)☆28Updated 6 years ago
- Tools to gather subdomains from Bug Bounty programs☆65Updated 7 years ago
- Files for appsecwiki.com☆119Updated 5 years ago
- OASAM is the acronym of Open Android Security Assessment Methodology and its purpose is to become a reference framework on Android applic…☆85Updated 3 years ago
- ☆128Updated 6 years ago
- Presentations, training modules, and other education materials from Duo Security's Application Security team.☆77Updated 4 years ago
- ☆32Updated 2 years ago
- materials we hand out☆147Updated 2 months ago
- Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.☆140Updated last year
- Serverless Workshop☆16Updated 2 years ago