A laboratory for learning secure web and mobile development in a practical manner.
☆971Sep 25, 2024Updated last year
Alternatives and similar repositories for secDevLabs
Users that are interested in secDevLabs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- vulnerable single sign on☆149Aug 1, 2024Updated last year
- Repo for all the SKF Docker lab examples☆465Aug 2, 2024Updated last year
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆765Aug 21, 2023Updated 2 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- LDAP Injection Vulnerability Application(Blog Sample Code)☆22Oct 4, 2018Updated 7 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Oct 29, 2020Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,443Jun 11, 2025Updated 9 months ago
- Linux Local Privesc Helper and Agent☆166Dec 2, 2019Updated 6 years ago
- List of Awesome Asset Discovery Resources☆2,429Jan 22, 2025Updated last year
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆884Mar 2, 2026Updated 3 weeks ago
- InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable…☆1,744Feb 16, 2026Updated last month
- Labs built in docker to cover NSE lessons☆11Nov 24, 2023Updated 2 years ago
- Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands …☆950Nov 26, 2022Updated 3 years ago
- Red Team Scripts by d0nkeys (ex SnadoTeam)☆703Jul 27, 2020Updated 5 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…☆934Jan 6, 2025Updated last year
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,188Dec 11, 2022Updated 3 years ago
- Windows / Linux Local Privilege Escalation Workshop☆1,004Jan 15, 2019Updated 7 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,113Aug 14, 2024Updated last year
- Pop shells like a master.☆1,491Apr 2, 2019Updated 6 years ago
- ☆21Nov 13, 2019Updated 6 years ago
- a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations…☆535Mar 27, 2022Updated 3 years ago
- My Recon Automation☆194May 28, 2021Updated 4 years ago
- Penetration tests guide based on OWASP including test cases, resources and examples.☆2,773Mar 23, 2022Updated 4 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆3,022Dec 11, 2025Updated 3 months ago
- Attack and defend active directory using modern post exploitation adversary tradecraft activity☆4,805Jul 29, 2025Updated 7 months ago
- A curated list of amazingly awesome Burp Extensions☆3,379Feb 17, 2026Updated last month
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,807Sep 17, 2024Updated last year
- Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥☆7,398Aug 28, 2025Updated 6 months ago
- An intentionally designed broken web application based on REST API.☆579Jun 10, 2021Updated 4 years ago
- Sample vulnerable code and its exploit code☆190Mar 14, 2021Updated 5 years ago
- Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and l…☆541Apr 14, 2021Updated 4 years ago
- A simple PHP application to learn SQL Injection detection and exploitation techniques.☆127Oct 18, 2022Updated 3 years ago
- The Swiss Army knife for automated Web Application Testing☆2,321May 8, 2024Updated last year
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,413Nov 24, 2025Updated 3 months ago
- Benchmarking repo for secrets scanning☆243Aug 18, 2024Updated last year
- Automated Red Team Infrastructure deployement using Docker☆1,262Aug 24, 2022Updated 3 years ago