π Websheep is an app based on a willingly vulnerable ReSTful APIs.
β58Mar 25, 2024Updated 2 years ago
Alternatives and similar repositories for websheep
Users that are interested in websheep are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!β135Dec 22, 2022Updated 3 years ago
- Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API reβ¦β508Mar 29, 2026Updated last month
- A very vulnerable implementation of a GraphQL API.β61Nov 12, 2021Updated 4 years ago
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)β47Feb 2, 2023Updated 3 years ago
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testingβ1,206Apr 7, 2026Updated 3 weeks ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits β’ AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Intentionaly very vulnerable API with bonus bad coding practicesβ52Nov 15, 2025Updated 5 months ago
- completely ridiculous API (crAPI)β1,487Apr 2, 2026Updated last month
- vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.β1,332Jan 10, 2025Updated last year
- β426Aug 13, 2022Updated 3 years ago
- Vulnerable APIβ423Mar 4, 2023Updated 3 years ago
- A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected hostβ42May 9, 2020Updated 5 years ago
- Automated Linux service that collects information on local Wi-Fi networks and performs deauthentication attacks.β69Mar 4, 2023Updated 3 years ago
- A small and dirty python3 based script to download courses from Infosec Institute.β12Oct 6, 2021Updated 4 years ago
- Burp Suite extension for parsing Swagger web service definition filesβ19Jul 15, 2025Updated 9 months ago
- Open source password manager - Proton Pass β’ AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Custom scripts used during the scenarioβ21Apr 5, 2021Updated 5 years ago
- by Gary O'Leary-Steele | cloned from https://sentinel.appcheck-ng.com/static/pm/logger.htmlβ12Sep 16, 2019Updated 6 years ago
- Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing β approveβ¦β46Feb 22, 2024Updated 2 years ago
- Two hacking challenges related to HTTP request smugglingβ19Mar 22, 2022Updated 4 years ago
- Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon mβ¦β11May 31, 2020Updated 5 years ago
- Converts John The Ripper/Cain format hashes (singular, or in bulk) to HashCat compatible hash format.β35Nov 24, 2019Updated 6 years ago
- Plattform to develop and experiment with existing java web attacks.β31Jan 8, 2018Updated 8 years ago
- Extract metadata with SSRF (Server-Side Request Forgery)β16Jul 23, 2022Updated 3 years ago
- Sharing Various Thingsβ21Jun 28, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Vulnerable Banking Suiteβ171Sep 29, 2025Updated 7 months ago
- Contextual Content Discovery Toolβ3,158Apr 29, 2024Updated 2 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.β31Jun 22, 2023Updated 2 years ago
- β11May 12, 2022Updated 3 years ago
- Unauthorized Access to Metadata and User Data like CTFβ28Nov 30, 2024Updated last year
- Route53/CloudFront Vulnerability Assessment Utilityβ86Sep 11, 2023Updated 2 years ago
- Extract parameters/paths from urlsβ17Aug 2, 2020Updated 5 years ago
- Damn Vulnerable Java (EE) Applicationβ148Jan 23, 2024Updated 2 years ago
- Lab for learning JWT.β34Jan 19, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer β’ AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- β19Oct 4, 2021Updated 4 years ago
- Practice hacking JWT tokensβ115Sep 8, 2022Updated 3 years ago
- Introduction to CYS4-SensitiveDiscoverer, a Burp extension that discovers sensitive information inside HTTP messages.β23Nov 26, 2024Updated last year
- NTAPI hook bypass with (semi) legit stack traceβ19May 9, 2023Updated 2 years ago
- vulnerable APIs inspired by https://github.com/mattvaldes/vulnerable-apiβ13Dec 8, 2021Updated 4 years ago
- A tool capable of bypassing easy root detection mechanisms by patching applications automatically (without frida).β32Jun 20, 2024Updated last year
- all manner of wordlistsβ24Jan 19, 2022Updated 4 years ago