juice-shop / juice-shopLinks
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
☆11,439Updated this week
Alternatives and similar repositories for juice-shop
Users that are interested in juice-shop are comparing it to the libraries listed below
Sorting:
- WebGoat is a deliberately insecure application☆7,601Updated 2 weeks ago
- The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.☆8,114Updated 2 weeks ago
- Damn Vulnerable Web Application (DVWA)☆11,496Updated 3 weeks ago
- Official OWASP Top 10 Document Repository☆4,676Updated this week
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,579Updated last year
- Web application fuzzer☆6,220Updated 10 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,948Updated 2 months ago
- Directory/File, DNS and VHost busting tool written in Go☆12,142Updated last week
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,012Updated last year
- OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is…☆1,384Updated last week
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p…☆1,633Updated 2 years ago
- In-depth attack surface mapping and asset discovery☆13,228Updated this week
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,364Updated 8 months ago
- HTTP parameter discovery suite.☆5,734Updated 4 months ago
- Awesome XSS stuff☆4,941Updated 8 months ago
- Web and mobile application security training platform☆1,393Updated last year
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆10,020Updated this week
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆5,120Updated 5 months ago
- Fast passive subdomain enumeration tool.☆11,952Updated 2 weeks ago
- Impacket is a collection of Python classes for working with network protocols.☆14,528Updated this week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆68,341Updated this week
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆7,246Updated 11 months ago
- 🎯 Command Injection Payload List☆3,383Updated 11 months ago
- OWASP API Security Project☆2,184Updated 6 months ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,248Updated 5 months ago
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,818Updated 8 months ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,446Updated last year
- The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topic…☆29,876Updated this week
- OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.☆1,237Updated this week
- E-mails, subdomains and names Harvester - OSINT☆12,998Updated this week