Sample vulnerable code and its exploit code
☆190Mar 14, 2021Updated 5 years ago
Alternatives and similar repositories for CORS-vulnerable-Lab
Users that are interested in CORS-vulnerable-Lab are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆765Aug 21, 2023Updated 2 years ago
- ☆66Aug 25, 2021Updated 4 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- ☆42Apr 18, 2023Updated 2 years ago
- This Repository contains the stuff related to windows Active directory environment exploitation☆153Jul 31, 2023Updated 2 years ago
- CVE-2018-13379☆254Aug 14, 2019Updated 6 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- Learn how to get a reverse shell from JIRA application server☆24Dec 2, 2018Updated 7 years ago
- vulnerable single sign on☆149Aug 1, 2024Updated last year
- CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE☆16Mar 11, 2019Updated 7 years ago
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,026Feb 5, 2021Updated 5 years ago
- HTTP file upload scanner for Burp Proxy☆491Dec 25, 2023Updated 2 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Fuzzing Payloads to Assist in Web Application Testing.☆166Jun 6, 2019Updated 6 years ago
- Apache Tomcat Remote Code Execution on Windows☆189Nov 27, 2019Updated 6 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- a parser + crawler for .DS_Store files exposed publically☆56Jun 6, 2023Updated 2 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- learning case to prepare OSWE☆36Nov 4, 2019Updated 6 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- Extract relative urls from a heap snapshot☆87May 30, 2021Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Exploit for the Post-Auth RCE vulnerability in Pulse Secure Connect☆133Feb 11, 2022Updated 4 years ago
- Continuous monitoring for JavaScript files☆225Dec 29, 2019Updated 6 years ago
- A collection of scripts to extend Burp Suite☆142Apr 8, 2019Updated 6 years ago
- stuff i'm willing to share with the world lol☆171Oct 17, 2022Updated 3 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- List of XSS Vectors/Payloads☆1,366Jan 14, 2026Updated 2 months ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- A scripted pipeline of tools to streamline the bug bounty/penetration test reconnaissance phase, so you can focus on chomping bugs.☆397Apr 17, 2020Updated 5 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆392Aug 15, 2024Updated last year
- Burp Extension for a passive scanning JS files for endpoint links.☆815Mar 22, 2024Updated 2 years ago
- ☆16Jul 20, 2020Updated 5 years ago
- SSL VPN Rce☆53Aug 27, 2019Updated 6 years ago
- DupeKeyInjector☆134Apr 16, 2022Updated 3 years ago
- A lab for playing with NoSQL Injection☆134Feb 23, 2026Updated last month