A Rails application containing multiple vulnerabilities used for demonstration purposes
☆20Mar 26, 2015Updated 10 years ago
Alternatives and similar repositories for vulnerable
Users that are interested in vulnerable are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- A modified version of Mike Czumak's enumeration scanner☆19Nov 9, 2018Updated 7 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 11 months ago
- Reconnaissance scripts for penetration testing☆59Jul 7, 2015Updated 10 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- A multi-threaded scanner that helps identify CORS flaws/misconfigurations☆19Nov 18, 2019Updated 6 years ago
- A Pythonic wrapper to MassDNS☆24Mar 21, 2018Updated 8 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- Swagger Directory Enumeration (SDE)☆21Jan 16, 2021Updated 5 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- Simple Server Side Request Forgery services enumeration tool.☆56Aug 23, 2018Updated 7 years ago
- ☆18Jul 26, 2021Updated 4 years ago
- ☆23Jun 30, 2021Updated 4 years ago
- Python script to automatically create sigma rules from The hive observables☆25Mar 17, 2019Updated 7 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- Collection of tools to interact with Intigriti website☆17Aug 10, 2024Updated last year
- XSS Hunter Burp Plugin☆151Aug 31, 2018Updated 7 years ago
- A sample web application using Node.js, Express and Angular that is vulnerable to common security vulnerabilities.☆10Jun 15, 2023Updated 2 years ago
- Telegram Android Passcode BruteForcer☆10Nov 17, 2017Updated 8 years ago
- Take a list of IP addresses and probe for working HTTP and HTTPS servers☆12Mar 12, 2020Updated 6 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- ☆44May 26, 2017Updated 8 years ago
- A simple script that automates basic pentester reconaissance starting from nmap scans.☆10Dec 10, 2016Updated 9 years ago
- A tool to download program information from Bugcrowd, for use by researchers to compare programs they are eligible to participate in☆21Dec 22, 2022Updated 3 years ago
- PHP Emulator☆13Dec 18, 2016Updated 9 years ago
- My Linux settings☆11Nov 28, 2016Updated 9 years ago
- Minimalistic libvte based terminal.☆14Feb 16, 2026Updated last month
- ☆14Jul 13, 2020Updated 5 years ago
- A vulnerable Play application for attackers.☆18Mar 3, 2026Updated 3 weeks ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- Pool Overflow in OpenVpn NDIS TAP Driver☆17Nov 3, 2015Updated 10 years ago
- whois.cynthia.re V2☆13May 23, 2021Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- ☆13Mar 15, 2022Updated 4 years ago
- A free bookmarklet password generator.☆14May 31, 2014Updated 11 years ago
- Simple Tool For Brute Force The Truecrypt Files☆10Mar 29, 2014Updated 11 years ago
- Practice Web App written in python with some vulnerabilities.☆34Mar 19, 2021Updated 5 years ago