Alternatives and similar repositories for vulnerable:

Users that are interested in vulnerable are comparing it to the libraries listed below

• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆27Updated 6 years ago
• karelorigin / XSS-Problems
  ☆34Updated 5 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆33Updated 6 years ago
• gwen001 / testxss
  PHP tool to test XSS
  ☆22Updated 5 years ago
• rojan-rijal / ReconUI
  Alpha version code of Recon UI
  ☆14Updated 7 years ago
• silentsignal / ActiveScan3Plus
  Modified version of ActiveScan++ Burp Suite extension
  ☆31Updated 8 years ago
• securityidiots / vhost_buster
  A simple tool with the power of "Go" to find the hidden Vhosts defined at the server.
  ☆19Updated 6 years ago
• skorov / subdomainator
  Stay on top of new domains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subd…
  ☆26Updated 7 years ago
• bayotop / sink-logger
  Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
  ☆49Updated 2 years ago
• smiegles / crossdomain
  Exploit insecure crossdomain.xml files.
  ☆26Updated 7 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆40Updated 10 years ago
• bcoles / sitecore_scan
  A simple remote scanner for Sitecore CMS
  ☆13Updated 10 months ago
• jayeshchauhan / SKANDA
  OWASP Skanda - SSRF Exploitation Framework
  ☆38Updated 11 years ago
• PortSwigger / detect-dynamic-js
  The DetectDynamicJS Burp Extension provides an additional passive scanner that tries to find differing content in JavaScript files and ai…
  ☆13Updated 6 years ago
• securelayer7 / Race-conditional-vulnerable-Web-application-
  This application is developed to test the race condition vulnerability in the web application. We have discussed about this vulnerability…
  ☆14Updated 8 years ago
• tmendo / BurpIntruderFilePayloadGenerator
  Burp Intruder File Payload Generator
  ☆18Updated 5 years ago
• EdOverflow / curate
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆40Updated 6 years ago
• plenumlab / GQL-Helper
  This is a small extension to make graphql readable
  ☆30Updated 6 years ago
• ettic-team / EndpointFinder-Burp
  ☆32Updated 5 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆31Updated 7 years ago
• MrTaherAmine / pentest-management
  Simple webinterface combining different recon tools.
  ☆12Updated 7 years ago
• NetSPI / crossdomainscanner
  Python tool for expired domain discovery in crossdomain.xml files
  ☆24Updated 8 years ago
• gwen001 / BBstats
  Bug Bounty statistics tool.
  ☆31Updated 2 years ago
• humblelad / Needle
  Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip
  ☆22Updated 4 years ago
• rojan-rijal / Pyrate
  Practice Web App written in python with some vulnerabilities.
  ☆34Updated 4 years ago
• VincentDS / HackerOne-Notifier
  Send notifications if a new program is published on HackerOne using Pushbullet
  ☆26Updated 8 years ago
• adityaks / sparty
  Sparty - MS Sharepoint and Frontpage Auditing Tool
  ☆31Updated 10 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆46Updated 6 years ago
• adamyordan / offbyslash-django-dumper
  A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
  ☆24Updated 2 years ago
• gwen001 / actarus
  Actarus is a custom tool for bug bounty
  ☆76Updated 5 years ago