koenbuyens/Vulnerable-OAuth-2.0-Applications external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

koenbuyens/Vulnerable-OAuth-2.0-Applications

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/koenbuyens/Vulnerable-OAuth-2.0-Applications)

Close

koenbuyens / Vulnerable-OAuth-2.0-ApplicationsView on GitHubMore

• External links
• Readme badge

vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.

☆329Mar 27, 2024Updated 2 years ago

Alternatives and similar repositories for Vulnerable-OAuth-2.0-Applications

Users that are interested in Vulnerable-OAuth-2.0-Applications are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• yogisec / VulnerableSAMLApp

  View on GitHub
  Vulnerable SAML infrastructure training applicaiton
  ☆54Feb 2, 2023Updated 3 years ago
• dolevf / Damn-Vulnerable-GraphQL-Application

  View on GitHub
  Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…
  ☆1,677May 24, 2025Updated 10 months ago
• david3107 / graphql-security-labs

  View on GitHub
  GraphQL security workshop labs
  ☆118Jan 31, 2026Updated last month
• Sjord / jwtdemo

  View on GitHub
  Practice hacking JWT tokens
  ☆115Sep 8, 2022Updated 3 years ago
• koenbuyens / oauth-2.0-security-cheat-sheet

  View on GitHub
  oauth security guidelines
  ☆232Jun 25, 2019Updated 6 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• melbadry9 / SSLEnum

  View on GitHub
  Extract SSL certificate data (Subject Name, Subject Alt Names, Organisation)
  ☆42Nov 10, 2025Updated 4 months ago
• optiv / InsecureShop

  View on GitHub
  An Intentionally designed Vulnerable Android Application built in Kotlin.
  ☆255Mar 2, 2022Updated 4 years ago
• optiv / mobile-nuclei-templates

  View on GitHub
  ☆437Jun 1, 2021Updated 4 years ago
• topavankumarj / Vulnerable-OAuth2.0-Application

  View on GitHub
  ☆10Dec 8, 2022Updated 3 years ago
• payloadartist / recon

  View on GitHub
  NodeJS script to extract assets for the Apple bug bounty program from their security acknowledgments page for bug bounty recon.
  ☆78Nov 5, 2022Updated 3 years ago
• dwisiswant0 / wadl-dumper

  View on GitHub
  Dump all available paths and/or endpoints on WADL file.
  ☆98Nov 24, 2025Updated 4 months ago
• 0xTeles / jsleak

  View on GitHub
  a Go code to detect leaks in JS files via regex patterns
  ☆151Oct 20, 2021Updated 4 years ago
• ghsec / ghsec-jaeles-signatures

  View on GitHub
  Signatures for jaeles scanner by @j3ssie
  ☆117Apr 20, 2024Updated last year
• inonshk / 31-days-of-API-Security-Tips

  View on GitHub
  This challenge is Inon Shkedy's 31 days API Security Tips.
  ☆2,233Apr 20, 2022Updated 3 years ago
• NordVPN Special Discount Offer • Ad
  Save on top-rated NordVPN 1 or 2-year plans with secure browsing, privacy protection, and support for for all major platforms.
• httpvoid / writeups

  View on GitHub
  ☆1,202Sep 2, 2022Updated 3 years ago
• defparam / smuggler

  View on GitHub
  Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
  ☆2,068Jan 2, 2024Updated 2 years ago
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,124Aug 14, 2024Updated last year
• imran-parray / Web-Sec-CheatSheet

  View on GitHub
  ☆241Jun 10, 2021Updated 4 years ago
• lc / subjs

  View on GitHub
  Fetches javascript file from a list of URLS or subdomains.
  ☆839Jul 22, 2025Updated 8 months ago
• jdonsec / AllThingsSSRF

  View on GitHub
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,364Jan 24, 2021Updated 5 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,482Oct 12, 2024Updated last year
• indianajson / can-i-take-over-dns

  View on GitHub
  "Can I take over DNS?" — a list of DNS providers and how to claim vulnerable domains.
  ☆1,084Mar 3, 2025Updated last year
• appsecco / dvna

  View on GitHub
  Damn Vulnerable NodeJS Application
  ☆766Mar 27, 2024Updated 2 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• ameenmaali / urldedupe

  View on GitHub
  Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations
  ☆395Jun 17, 2020Updated 5 years ago
• daffainfo / Key-Checker

  View on GitHub
  Go scripts for checking API key / access token validity
  ☆221Aug 3, 2021Updated 4 years ago
• ayoubfathi / leaky-paths

  View on GitHub
  A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…
  ☆1,029Feb 22, 2026Updated last month
• Co0nan / ParamsExtractor

  View on GitHub
  A burp-suite plugin that extract all parameter names from in-scope requests
  ☆29Nov 9, 2021Updated 4 years ago
• neex / http2smugl

  View on GitHub
  ☆563Mar 27, 2025Updated last year
• Static-Flow / BurpSuiteAutoCompletion

  View on GitHub
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆164Mar 5, 2021Updated 5 years ago
• arg3t / massurl

  View on GitHub
  A simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
  ☆12Jun 28, 2021Updated 4 years ago
• daehee / mildew

  View on GitHub
  Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs
  ☆94Jan 21, 2021Updated 5 years ago
• t4kemyh4nd / postMessageLab

  View on GitHub
  ☆15Aug 27, 2020Updated 5 years ago
• Managed Kubernetes at scale on DigitalOcean • Ad
  DigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
• emadshanab / Huge_DIR_wordlist

  View on GitHub
  ☆48Feb 21, 2021Updated 5 years ago
• BonJarber / SecUtils

  View on GitHub
  Random utilities from my security projects that might be useful to others
  ☆183Jan 26, 2025Updated last year
• NagliNagli / Shockwave-OSS

  View on GitHub
  ☆755Jun 26, 2024Updated last year
• ksharinarayanan / SSRFire

  View on GitHub
  An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
  ☆973Dec 8, 2021Updated 4 years ago
• arainho / awesome-api-security

  View on GitHub
  A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…
  ☆3,660Nov 23, 2025Updated 4 months ago
• KingOfBugbounty / KingOfBugBountyTips

  View on GitHub
  Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…
  ☆5,264Mar 13, 2026Updated 2 weeks ago
• Hackmanit / Web-Cache-Vulnerability-Scanner

  View on GitHub
  Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hac…
  ☆1,164Jan 21, 2026Updated 2 months ago