juice-shop / pwning-juice-shop

Related projects ⓘ

Alternatives and complementary repositories for pwning-juice-shop

• juice-shop / juice-shop-ctf
  Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF
  ☆410Updated 3 weeks ago
• jbarone / xxelab
  A simple web app with a XXE vulnerability.
  ☆225Updated 3 years ago
• DevSlop / Pixi
  The Pixi module is a MEAN Stack web app with wildly insecure APIs!
  ☆112Updated last year
• RhinoSecurityLabs / Swagger-EZ
  A tool geared towards pentesting APIs using OpenAPI definitions.
  ☆168Updated 2 years ago
• appsecco / dvja
  Damn Vulnerable Java (EE) Application
  ☆130Updated 9 months ago
• tomdev / teh_s3_bucketeers
  ☆273Updated 3 years ago
• secdec / attack-surface-detector-burp
  The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
  ☆98Updated 11 months ago
• anshumanbh / brutesubs
  An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …
  ☆257Updated 3 years ago
• juice-shop / multi-juicer
  Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
  ☆275Updated this week
• doyensec / burpdeveltraining
  Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
  ☆347Updated 4 years ago
• geeksonsecurity / vuln-web-apps
  A curated list of vulnerable web applications.
  ☆264Updated 10 months ago
• security-prince / Resources-for-Application-Security
  Some good resources for getting started with application security
  ☆135Updated 3 years ago
• mandatoryprogrammer / xsshunter_client
  Correlated injection proxy tool for XSS Hunter
  ☆249Updated last year
• appsecco / vulnerable-apps
  ☆215Updated 2 years ago
• ScaleSec / vulnado
  Purposely vulnerable Java application to help lead secure coding workshops
  ☆169Updated 4 months ago
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆443Updated 5 years ago
• eystsen / pentestlab
  Fast and easy script to manage pentesting training apps
  ☆316Updated 9 months ago
• zaproxy / zap-hud
  The ZAP Heads Up Display (HUD)
  ☆253Updated last week
• OWASP / OWASP-VWAD
  This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory
  ☆873Updated 3 weeks ago
• h3xstream / burp-retire-js
  Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.
  ☆200Updated 5 months ago
• wisec / domxsswiki
  Automatically exported from code.google.com/p/domxsswiki
  ☆518Updated 6 years ago
• ZephrFish / BugBountyTemplates
  A collection of templates for bug bounty reporting
  ☆379Updated 3 years ago
• Static-Flow / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆252Updated 2 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆316Updated 2 weeks ago
• daeken / SSRFTest
  SSRF testing tool
  ☆241Updated last year
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆306Updated 7 months ago
• yeswehack / pwn-machine
  PwnMachine is a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters.
  ☆302Updated 3 months ago
• secdec / attack-surface-detector-cli
  ☆75Updated 2 years ago
• jerryhoff / WebGoat.NET
  OWASP WebGoat.NET
  ☆223Updated 11 months ago
• JordyZomer / autoSubTakeover
  A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking ou…
  ☆131Updated last year