layro01 / node-api-goat
A simple Node.js Express REST app with some OWASP vulnerabilities.
☆15Updated last month
Related projects: ⓘ
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)☆39Updated last year
- Target practice for ffuf☆55Updated 3 years ago
- A very vulnerable implementation of a GraphQL API.☆56Updated 2 years ago
- ☆69Updated last year
- 🐑 Websheep is an app based on a willingly vulnerable ReSTful APIs.☆48Updated 5 months ago
- Intentionaly very vulnerable API with bonus bad coding practices☆36Updated 7 months ago
- Quick Command Cheatsheet, you can import/open directly to you ONE NOTE.☆10Updated 3 years ago
- A simple place to learn XSS☆30Updated 3 years ago
- Tracking my journey towards earning my OSCP. This includes the process of everything that I learn along the way.☆46Updated 2 years ago
- A Burp Suite Extension for pentester and bug bounty hunters an to maintain checklist, map flows, write test cases and track vulnerabiliti…☆110Updated last year
- Analysis and management tools for an Open Asset Model database☆38Updated this week
- Damn Vulnerable Rails app☆11Updated 12 years ago
- This cheasheet is aimed at the Red Teamers to help them find diffent tools and methods to create a Commmand and Control Server and exploi…☆72Updated 3 years ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆47Updated last year
- Create your own recon & vulnerability scanner with Trickest and GitHub☆49Updated 11 months ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆41Updated 7 months ago
- a vulnerable GraphQL application☆18Updated 4 years ago
- Template used for my OSCP exam.☆26Updated 2 years ago
- XSS Bypass☆29Updated 7 months ago
- Penetration Testing Checklist☆35Updated 4 years ago
- Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare☆55Updated last year
- AWS S3 open bucket poc automated script.☆55Updated 3 years ago
- Scripts that are intended to help you in your pen-testing and bug-hunting efforts by automating various manual tasks, making your work mo…☆65Updated 3 months ago
- HTTP parameter discovery suite.☆59Updated 4 years ago
- OSCP☆37Updated 2 years ago
- Extract endpoints marked as disallow in robots files to generate wordlists.☆53Updated 2 years ago
- A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.☆57Updated 2 years ago
- Fast Bug Bounty Script☆36Updated last year
- A proper approach to pentest a Web application with the mixture of all useful payloads and complete testing guidance of attacks. Designed…☆38Updated last month
- Automated Web Recon Shell Scripts☆49Updated 2 years ago