A Rails application containing multiple vulnerabilities used for demonstration purposes
☆20Mar 26, 2015Updated 10 years ago
Alternatives and similar repositories for vulnerable
Users that are interested in vulnerable are comparing it to the libraries listed below
Sorting:
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- Take a list of IP addresses and probe for working HTTP and HTTPS servers☆12Mar 12, 2020Updated 5 years ago
- Reconnaissance scripts for penetration testing☆59Jul 7, 2015Updated 10 years ago
- Collection of tools to interact with Intigriti website☆16Aug 10, 2024Updated last year
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- A multi-target URL bruteforcer☆22Aug 6, 2018Updated 7 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- ☆18Jul 26, 2021Updated 4 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 4 years ago
- A modified version of Mike Czumak's enumeration scanner☆19Nov 9, 2018Updated 7 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- ☆42May 26, 2017Updated 8 years ago
- A Pythonic wrapper to MassDNS☆24Mar 21, 2018Updated 7 years ago
- Swagger Directory Enumeration (SDE)☆21Jan 16, 2021Updated 5 years ago
- BugBounty , sort and delete duplicates param value without missing original value☆22Jul 31, 2021Updated 4 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆550Jun 12, 2017Updated 8 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 6 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- ☆23Jun 30, 2021Updated 4 years ago
- Simple Server Side Request Forgery services enumeration tool.☆56Aug 23, 2018Updated 7 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- XSS Hunter Burp Plugin☆151Aug 31, 2018Updated 7 years ago
- ☆30Oct 20, 2023Updated 2 years ago
- Damn Vulnerable Node Application☆20Dec 22, 2015Updated 10 years ago
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Mass querying whois records☆28Dec 28, 2021Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- ☆30Sep 1, 2022Updated 3 years ago
- Burp Suite plugin that dynamically generates Google 2FA codes for use in session handling rules (approved by PortSwigger for inclusion in…☆29Sep 4, 2025Updated 5 months ago
- ☆30Jun 27, 2022Updated 3 years ago
- A toolset to track and organize output of reconnaissance tools☆348Jan 3, 2018Updated 8 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Some wordlists collected form github to all bug bounty hunters.☆39Jul 30, 2021Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago