Spring-Boot app for demonstrating security vulnaribilities
☆13Aug 21, 2019Updated 6 years ago
Alternatives and similar repositories for damn-vulnerable-spring-boot-app
Users that are interested in damn-vulnerable-spring-boot-app are comparing it to the libraries listed below
Sorting:
- ☆16Oct 8, 2025Updated 5 months ago
- Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.☆12Sep 30, 2018Updated 7 years ago
- Custom Fortify SCA rules to detect common JSSE certification validation flaws☆11Nov 18, 2015Updated 10 years ago
- Debug JSSE Provider☆14Dec 4, 2024Updated last year
- ☆14Jun 25, 2019Updated 6 years ago
- Two Proof-Of-Concepts of SUID binary vulnerabilities on BMC Patrol allowing to elevate privileges from any linux user to root.☆12Jun 29, 2020Updated 5 years ago
- A tool to generate OpenXML XXE Payloads written in Python3.☆16Aug 21, 2019Updated 6 years ago
- Demo of a webapp with flawed security, for training purposes☆20Apr 10, 2023Updated 2 years ago
- Example project demonstrating some kind of OpenSSL certificate pinning. Related to blogpost at TKTK showing how to bypass such pinning.☆19Jan 2, 2015Updated 11 years ago
- 365 days of hacking (漏洞挖掘365天挑战)☆17Mar 2, 2022Updated 4 years ago
- HEVD Multi-Exploit by m_101☆23Jun 24, 2018Updated 7 years ago
- HTTP requests of FrontPage expolit☆25Dec 19, 2013Updated 12 years ago
- Practical Web Penetration Testing, published by Packt☆25Jan 30, 2023Updated 3 years ago
- multi_path exploit now with remount for iOS 11.3.X (english version)☆19Jul 4, 2018Updated 7 years ago
- My Custom made Nuceli-Templates☆22Aug 5, 2025Updated 7 months ago
- PoC Code for CVE-2018-16712 (exploit by MmMapIoSpace)☆25Dec 1, 2018Updated 7 years ago
- Vulnerable webapp testbed☆24May 11, 2016Updated 9 years ago
- Conference Papers and Appendicies (USENIX Security, BlackHat, HITBSecConf, and BeVX)☆27Aug 6, 2023Updated 2 years ago
- CTF Write-ups☆27Apr 7, 2019Updated 6 years ago
- OpenID Shared Signals and Events (SSE) / Continuous Access Evaluation Protocol (CAEP) / Risk Incident Sharing and Coordination (RISC) JSO…☆14Jun 7, 2024Updated last year
- Serial Whitelist Application Trainer☆30Jul 7, 2019Updated 6 years ago
- 用于去除 Xshell7 / Xftp7 免费版本在关闭时出现的弹窗。☆10Jan 24, 2023Updated 3 years ago
- CVE-2020-2021☆22Oct 12, 2020Updated 5 years ago
- Slides from my talk "whoami /priv" at Romhack 2018☆39Sep 24, 2018Updated 7 years ago
- Auto Recon Bash Script☆31Dec 31, 2024Updated last year
- JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.☆34Jul 9, 2017Updated 8 years ago
- Web Application Firewall (WAF) Detector☆35Mar 13, 2023Updated 2 years ago
- Telegram Widget Authenticator For Keycloak☆13Dec 20, 2025Updated 2 months ago
- 基于tauri+vue的v2ray gui客户端☆10Apr 10, 2024Updated last year
- CVE-2019-3799 - Spring Cloud Config Server: Directory Traversal < 2.1.2, 2.0.4, 1.4.6☆31Apr 18, 2019Updated 6 years ago
- ☆16Updated this week
- This repo will turn into a list of training materials for python starters with focus on security☆13Nov 21, 2018Updated 7 years ago
- Reliable Keycloak user migration at scale. Features include bounded concurrency, durable retries, and zero data loss.☆31Jan 13, 2026Updated last month
- 2024年好用的IPLC VPS汇总推荐 - 高速稳定且安全的国际私用线路选择☆23Jan 11, 2025Updated last year
- Server and development environment provisioning data and configurations☆10Jun 25, 2018Updated 7 years ago
- Clone of google-sparsehash☆17Sep 3, 2011Updated 14 years ago
- POC for CVE-2018-4327☆42Sep 13, 2018Updated 7 years ago
- A transformer that decodes swipes across a smartphone keyboard into words (gesture / swipe / glide typing) (enhanced yandex cup solution)☆16Feb 20, 2026Updated 2 weeks ago
- Safe VPN over SSH and Gvisor☆12Apr 17, 2024Updated last year