Alternatives and similar repositories for vulnerable

Users that are interested in vulnerable are comparing it to the libraries listed below

• karelorigin / XSS-Problems
  ☆34Updated 5 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• gwen001 / actarus
  Actarus is a custom tool for bug bounty
  ☆77Updated 5 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 6 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 7 years ago
• smiegles / crossdomain
  Exploit insecure crossdomain.xml files.
  ☆26Updated 8 years ago
• JacobReynolds / xssHunterExtension
  Chrome Extension for XSS Hunter Payloads
  ☆41Updated 9 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 5 years ago
• br3akp0int / GQLParser
  A repository for GraphQL Extension for Burp Suite
  ☆57Updated 6 years ago
• swarley7 / gograbber
  A horizontal and vertical web content enumerator
  ☆52Updated 7 years ago
• gradiuscypher / bounty_tools
  Various tools for managing bug bounty recon and exploration.
  ☆48Updated 2 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆42Updated 8 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆40Updated 11 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 4 years ago
• sawzeeyy / Sanitiz3r
  A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status
  ☆89Updated 4 years ago
• plenumlab / lazyrecon
  This script is intended to automate your reconnaissance process in an organized fashion
  ☆39Updated 6 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆32Updated 7 years ago
• almroot / dnsresolvers
  A bash script that fetches and maintains thousands of DNS resolvers
  ☆65Updated 5 years ago
• EdOverflow / curate
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆41Updated 7 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆48Updated 6 years ago
• plenumlab / GQL-Helper
  This is a small extension to make graphql readable
  ☆30Updated 6 years ago
• PortSwigger / detect-dynamic-js
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆13Updated 6 years ago
• PentesterLab / sectalks
  ☆12Updated 8 years ago
• NetSPI / crossdomainscanner
  Python tool for expired domain discovery in crossdomain.xml files
  ☆23Updated 8 years ago
• MrTaherAmine / pentest-management
  Simple webinterface combining different recon tools.
  ☆12Updated 7 years ago
• hoainam1989 / training-application-security
  This repository for training application security.
  ☆26Updated 6 years ago
• koto / gitpillage
  Pillage a git repo found in an accessible web root
  ☆61Updated 14 years ago
• fransr / bountytpl
  bountytpl – template generator cli. By using a template similar to the ones for Template Generator (https://github.com/fransr/template-ge…
  ☆48Updated 6 years ago
• bayotop / sink-logger
  Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
  ☆49Updated 3 years ago
• gursev / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆43Updated 12 years ago