Alternatives and similar repositories for PHP-vulnerability-audit-cheatsheet

Users that are interested in PHP-vulnerability-audit-cheatsheet are comparing it to the libraries listed below

• teknogeek / ssrf-sheriff

  View on GitHub
  A simple SSRF-testing sheriff written in Go
  ☆336Oct 31, 2024Updated last year
• dogangcr / vulnerable-sso

  View on GitHub
  vulnerable single sign on
  ☆150Aug 1, 2024Updated last year
• GoSecure / dtd-finder

  View on GitHub
  List DTDs and generate XXE payloads using those local DTDs.
  ☆645Feb 21, 2024Updated last year
• projectzeroindia / CVE-2019-11510

  View on GitHub
  Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510)
  ☆364Jan 11, 2020Updated 6 years ago
• j0bin / Pentest-Resources

  View on GitHub
  ☆121Mar 27, 2017Updated 8 years ago
• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,390Aug 24, 2019Updated 6 years ago
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,770Apr 26, 2024Updated last year
• bilbomal / BB-Tips

  View on GitHub
  Collection of Bug Bounty Tips
  ☆65Dec 10, 2019Updated 6 years ago
• incogbyte / jsearch

  View on GitHub
  ☆31Apr 6, 2021Updated 4 years ago
• proabiral / inception

  View on GitHub
  A highly configurable Framework for easy automated web scanning
  ☆381Jul 13, 2020Updated 5 years ago
• masatokinugawa / filterbypass

  View on GitHub
  Browser's XSS Filter Bypass Cheat Sheet
  ☆1,151May 6, 2017Updated 8 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,484Oct 12, 2024Updated last year
• milo2012 / CVE-2018-13379

  View on GitHub
  CVE-2018-13379
  ☆254Aug 14, 2019Updated 6 years ago
• weev3 / LKWA

  View on GitHub
  Lesser Known Web Attack Lab
  ☆330Feb 7, 2020Updated 6 years ago
• clirimemini / Keye

  View on GitHub
  Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…
  ☆99Dec 30, 2019Updated 6 years ago
• m6a-UdS / ssrf-lab

  View on GitHub
  Lab for exploring SSRF vulnerabilities
  ☆247May 30, 2021Updated 4 years ago
• prodigysml / Dr.-Watson

  View on GitHub
  Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's yo…
  ☆218Oct 31, 2019Updated 6 years ago
• whitel1st / docem

  View on GitHub
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆674Jan 28, 2024Updated 2 years ago
• ZeddYu / HTTP-Smuggling-Lab

  View on GitHub
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆346Nov 20, 2022Updated 3 years ago
• BishopFox / GadgetProbe

  View on GitHub
  Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.
  ☆613Mar 4, 2021Updated 4 years ago
• 0xacb / viewgen

  View on GitHub
  Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys
  ☆661Feb 1, 2025Updated last year
• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆579Jan 28, 2020Updated 6 years ago
• doyensec / burpdeveltraining

  View on GitHub
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆357Oct 14, 2020Updated 5 years ago
• Regala / burp-scope-monitor

  View on GitHub
  Burp Suite Extension to monitor new scope
  ☆200Mar 31, 2021Updated 4 years ago
• Damian89 / extended-ssrf-search

  View on GitHub
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆279Feb 11, 2021Updated 5 years ago
• securityidiots / CollabOzark

  View on GitHub
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆135Sep 25, 2019Updated 6 years ago
• mazen160 / jwt-pwn

  View on GitHub
  Security Testing Scripts for JWT
  ☆326Jun 30, 2022Updated 3 years ago
• Plazmaz / leaky-repo

  View on GitHub
  Benchmarking repo for secrets scanning
  ☆242Aug 18, 2024Updated last year
• lkorba / enumsh

  View on GitHub
  ☆10Oct 30, 2019Updated 6 years ago
• SpiderMate / B-XSSRF

  View on GitHub
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆293Aug 23, 2019Updated 6 years ago
• laconicwolf / cors-scanner

  View on GitHub
  A multi-threaded scanner that helps identify CORS flaws/misconfigurations
  ☆19Nov 18, 2019Updated 6 years ago
• timip / OSWE

  View on GitHub
  OSWE Preparation
  ☆658Jul 25, 2022Updated 3 years ago
• ameenmaali / qsfuzz

  View on GitHub
  qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.
  ☆303Feb 12, 2023Updated 3 years ago
• xsscx / fuzz

  View on GitHub
  Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
  ☆404Updated this week
• haccer / subjack

  View on GitHub
  Subdomain Takeover tool written in Go
  ☆2,026Aug 13, 2023Updated 2 years ago
• lc / hacks

  View on GitHub
  Repo of useful scripts
  ☆105Jun 30, 2020Updated 5 years ago
• fcavallarin / domdig

  View on GitHub
  DOM XSS scanner for Single Page Applications
  ☆417Nov 15, 2025Updated 3 months ago
• RhinoSecurityLabs / SleuthQL

  View on GitHub
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆470Nov 14, 2019Updated 6 years ago
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆607May 17, 2019Updated 6 years ago