Alternatives and similar repositories for security-testbeds:

Users that are interested in security-testbeds are comparing it to the libraries listed below

• google / plusfish
  Plusfish is a classic web application vulnerability scanner/fuzzer and aimed at security professionals
  ☆28Updated 2 years ago
• GitHubSecurityLab / ruby-unsafe-deserialization
  Proof of Concepts for unsafe deserialization in Ruby
  ☆17Updated 5 months ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆22Updated 3 weeks ago
• pentagridsec / archive_pwn
  A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes
  ☆43Updated last year
• Orange-Cyberdefense / sqltrees
  Developper-proof prevention of SQL injection (java library)
  ☆11Updated 4 years ago
• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆48Updated last year
• AdnaneKhan / ActionsTOCTOU
  Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)
  ☆23Updated 9 months ago
• intruder-io / rebind-server
  A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers
  ☆12Updated last year
• p3rr0x / Blog
  ☆23Updated 2 months ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated 2 years ago
• PortSwigger / paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆32Updated 2 years ago
• alt3kx / wafparan01d3
  Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool
  ☆25Updated 3 years ago
• projectdiscovery / naabu-action
  A fast port scanner written in go with a focus on reliability and simplicity.
  ☆16Updated 5 months ago
• TheGrandPew / Sanity
  ☆15Updated 3 years ago
• canonical / ubuntu-security-notices
  ☆12Updated this week
• N0MoreSecr3ts / wraith-signatures
  Signatures for wraith used to detect secrets across various sources
  ☆15Updated 2 years ago
• PortSwigger / postman-integration
  Postman Integration is an extension for burp to generate Postman collection fomat json file.
  ☆20Updated 2 years ago
• google / acjs
  ☆10Updated 3 months ago
• trufflesecurity / WhoAmISlack
  Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.
  ☆40Updated last year
• scipag / websocket_fuzzer
  Simple WebSocket fuzzer
  ☆32Updated last year
• nccgroup / RFC-Security-Research
  Paper, data and code from Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding In…
  ☆18Updated 4 years ago
• gagliardetto / lgtm-cli
  *Unofficial* lgtm.com CLI — Use at your own risk. Also don't add more than 3K projects to "My projects" list.
  ☆13Updated 3 years ago
• georlav / objectmap
  A Simple command line tool that helps checking web applications to identify insecure deserialization vulnerabilities.
  ☆24Updated 5 years ago
• Outpost24 / outpost24-cors-check
  Additional active scan checks for BURP
  ☆26Updated 5 months ago
• NodyHub / zipslipper
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆47Updated 6 months ago
• PortSwigger / request-minimizer
  ☆19Updated 2 years ago
• doyensec / oidc-ssrf
  An Evil OIDC Server
  ☆53Updated 2 years ago
• google / threat-team
  IOCs from Google's Threat Analysis Group (TAG)
  ☆29Updated 3 months ago
• mattiasgrenfeldt / bachelors-thesis-http-request-smuggling
  ☆70Updated 3 years ago
• darryk10 / CVE-2021-25735
  Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass
  ☆18Updated 3 years ago