mattvaldes / vulnerable-apiLinks
This repository contains an example Python API that is vulnerable to several different web API attacks.
☆70Updated last year
Alternatives and similar repositories for vulnerable-api
Users that are interested in vulnerable-api are comparing it to the libraries listed below
Sorting:
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated last year
- Clientside vulnerability / reflected xss fuzzer☆150Updated 2 years ago
- ☆71Updated 4 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆157Updated 3 weeks ago
- ASN reconnaissance script☆129Updated last year
- Finds the End-Points in JavaScript files☆94Updated 3 years ago
- AWS Security Checks☆40Updated 7 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆174Updated 3 years ago
- Security checks for http headers and cookies☆26Updated 4 years ago
- Detectify Crowdsource Challenge☆69Updated 3 years ago
- Push notifications for passive DNS data☆109Updated 9 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆81Updated 2 years ago
- Awesome XSS Payloads☆84Updated 9 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆80Updated 3 years ago
- FockCache - Minimalized Test Cache Poisoning☆110Updated 5 years ago
- This repository contains an example Python API that is vulnerable to several different web API attacks.☆27Updated 6 years ago
- ☆31Updated 4 years ago
- GraphQL security testing tool☆123Updated 3 years ago
- Suite of programs meant to aid in bug hunting and security assessments☆77Updated 5 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆179Updated 2 years ago
- ☆60Updated last year
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆59Updated 4 years ago
- ☆76Updated 4 years ago
- ☆194Updated 6 years ago
- ☆108Updated 4 years ago
- Vulnerable SAML infrastructure training applicaiton☆53Updated 2 years ago
- Misc bounty and vulndisc things☆86Updated 4 years ago
- Parse OpenAPI documents into Burp Suite for automating OpenAPI-based APIs security assessments (approved by PortSwigger for inclusion in …☆203Updated last year
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 4 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆92Updated last month