vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
☆329Mar 27, 2024Updated 2 years ago
Alternatives and similar repositories for Vulnerable-OAuth-2.0-Applications
Users that are interested in Vulnerable-OAuth-2.0-Applications are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Vulnerable SAML infrastructure training applicaiton☆54Feb 2, 2023Updated 3 years ago
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…☆1,680May 24, 2025Updated 11 months ago
- GraphQL security workshop labs☆118Jan 31, 2026Updated 3 months ago
- Practice hacking JWT tokens☆115Sep 8, 2022Updated 3 years ago
- oauth security guidelines☆232Jun 25, 2019Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)☆42Nov 10, 2025Updated 5 months ago
- An Intentionally designed Vulnerable Android Application built in Kotlin.☆255Mar 2, 2022Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- ☆10Dec 8, 2022Updated 3 years ago
- NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.☆78Nov 5, 2022Updated 3 years ago
- Dump all available paths and/or endpoints on WADL file.☆98Nov 24, 2025Updated 5 months ago
- Signatures for jaeles scanner by @j3ssie☆117Apr 20, 2024Updated 2 years ago
- a Go code to detect leaks in JS files via regex patterns☆152Oct 20, 2021Updated 4 years ago
- This challenge is Inon Shkedy's 31 days API Security Tips.☆2,236Apr 20, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆1,202Sep 2, 2022Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆2,071Jan 2, 2024Updated 2 years ago
- ☆241Jun 10, 2021Updated 4 years ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆6,210Aug 14, 2024Updated last year
- Fetches javascript file from a list of URLS or subdomains.☆840Jul 22, 2025Updated 9 months ago
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location☆1,369Jan 24, 2021Updated 5 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,493Oct 12, 2024Updated last year
- Damn Vulnerable NodeJS Application☆771Mar 27, 2024Updated 2 years ago
- "Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.☆1,088Mar 3, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations☆400Jun 17, 2020Updated 5 years ago
- Go scripts for checking API key / access token validity☆222Aug 3, 2021Updated 4 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Nov 9, 2021Updated 4 years ago
- ☆563Mar 27, 2025Updated last year
- This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.☆164Mar 5, 2021Updated 5 years ago
- A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau☆12Jun 28, 2021Updated 4 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆1,166Apr 3, 2026Updated last month
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆95Jan 21, 2021Updated 5 years ago
- ☆15Aug 27, 2020Updated 5 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- ☆48Feb 21, 2021Updated 5 years ago
- Random utilities from my security projects that might be useful to others☆183Jan 26, 2025Updated last year
- ☆755Jun 26, 2024Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆972Dec 8, 2021Updated 4 years ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,789May 1, 2026Updated last week
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…☆5,330Mar 13, 2026Updated last month
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…☆1,173Jan 21, 2026Updated 3 months ago