Collection of all previous 1337UP CTF challenges.
☆79Jan 6, 2025Updated last year
Alternatives and similar repositories for CTF
Users that are interested in CTF are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Hijack a slack bot to phish your way in☆57Jul 17, 2025Updated 9 months ago
- A collection of Turbo Intruder scripts.☆71Feb 1, 2025Updated last year
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated last year
- ☆18Feb 2, 2026Updated 3 months ago
- PoC shadow SaaS and insecure credential detection system using a browser extension.☆43Apr 3, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Autonomous AI C2☆32Jul 23, 2024Updated last year
- Burp Suite extension for testing Passkey systems.☆75Apr 1, 2025Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Search engine for CTF writeups with instant results.☆156Mar 6, 2025Updated last year
- Scalable integrity framework for ABAC on AWS☆56Mar 14, 2025Updated last year
- Find what egress ports are allowed☆47Nov 19, 2025Updated 5 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 5 months ago
- When good OAuth apps go rogue. Documents observed OAuth application tradecraft☆86Apr 7, 2026Updated 3 weeks ago
- Unauthenticated enumeration of AWS IAM Roles.☆26Apr 18, 2026Updated 2 weeks ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.☆179Jan 9, 2026Updated 3 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- A recon tool for GCP Service Account Keys that requires no permissions☆27Apr 14, 2025Updated last year
- A Malware Scarecrow for Windows 10/11 with a user-friendly touch.☆71Oct 30, 2024Updated last year
- SprayShark is a modular G-Suite password sprayer with threading!☆58May 17, 2025Updated 11 months ago
- Framework for Monitoring File Ingestion Source for Yara Matches☆52Mar 10, 2025Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆52Dec 31, 2024Updated last year
- Linux CS bypass technique☆33Feb 4, 2025Updated last year
- Attaché provides an emulation layer for Cloud Provider IMDS APIs☆60Apr 23, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆40Nov 29, 2024Updated last year
- Addon for BHCE☆57Apr 1, 2025Updated last year
- ☆18Jul 30, 2024Updated last year
- ☆87Mar 30, 2026Updated last month
- Proof-of-concept modular implant platform leveraging v8☆55Mar 4, 2025Updated last year
- Mapping of open-source detection rules and atomic tests.☆209Feb 16, 2026Updated 2 months ago
- A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers☆438Jan 14, 2025Updated last year
- Sniff and attack networks that use IP-in-IP or VXLAN encapsulation protocols.☆23Apr 27, 2026Updated last week
- A web CTF for training developers in bug hunting and secure coding!☆100Jan 12, 2025Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Convert cloudtrail data to MITRE ATT&CK Sightings☆82Jul 25, 2022Updated 3 years ago
- An IAM Simulator that outputs detailed explains of how a request was evaluated.☆102Apr 26, 2026Updated last week
- Feed it a number. Your cloned voice does the social engineering, while you sip your coffee. A ghost that talks on the phone for you.☆111May 30, 2025Updated 11 months ago
- Unsafe Unpacking Vulnerability: Lab Code, Semgrep Rules and Secure Implementation Guide☆43Dec 16, 2024Updated last year
- AWS Trustline: Check external access on your AWS account☆129Feb 27, 2026Updated 2 months ago
- Assortment of scripts and tools for our Blackhat EU 2024 talk☆106Feb 6, 2025Updated last year
- OLD repo for my GitBook (CTF writeups / vuln research / bugbounty) - please check out cryptocat.me/blog for the updated content!☆18Dec 30, 2025Updated 4 months ago