dbohannon / MEANBug
An invoice management application built on the MEAN stack with intentional vulnerabilities used to demonstrate insecure configurations and missing or insufficient security controls.
☆16Updated 4 years ago
Alternatives and similar repositories for MEANBug:
Users that are interested in MEANBug are comparing it to the libraries listed below
- ��☆12Updated 7 years ago
- Security Payload Unit Test Repository (SPUTR)☆86Updated last year
- Highlight Burp proxy requests made by different browsers☆30Updated 7 years ago
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 5 years ago
- Simple trick to increase readability of exceptions raised by Burp extensions written in Python☆43Updated 7 years ago
- Actarus is a custom tool for bug bounty☆76Updated 5 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Updated 2 years ago
- Official CTF for 44CON 2019☆17Updated last year
- A deliberately vulnerable modern day app with lots of DOM related bugs☆36Updated 5 years ago
- Scripts that we use for pentesting☆42Updated 7 years ago
- Vendor-Neutral Security Tool Automation Controller (over REST)☆29Updated 5 years ago
- Burp Suite Importer - Connect to multiple web servers while populating the sitemap.☆48Updated 4 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 5 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆110Updated 5 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆56Updated 2 years ago
- All-in-one AWS S3 bucket tool for pentesters.☆72Updated 5 years ago
- AWS Extender CLI is a command-line script to test S3 buckets as well as Google Storage buckets and Azure Storage containers for common mi…☆81Updated 4 years ago
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆62Updated last year
- intentionally vulnerable API☆29Updated 4 months ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 6 years ago
- ☆51Updated 8 months ago
- The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…☆65Updated 4 years ago
- ☆18Updated 4 years ago
- A web crawler written with pentesting in mind and some hacks for smart crawling☆30Updated 5 years ago
- A horizontal and vertical web content enumerator☆51Updated 6 years ago
- Scans a list of websites for Cloudfront or S3 Buckets☆103Updated 2 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆61Updated 5 years ago
- Manual JavaScript Linting is a Bug☆49Updated 3 years ago
- A repository for GraphQL Extension for Burp Suite☆58Updated 6 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆51Updated 4 years ago