mattvaldes / vulnerable-api
This repository contains an example Python API that is vulnerable to several different web API attacks.
☆69 · Updated last year
Alternatives and similar repositories for vulnerable-api:
Users who are interested in vulnerable-api are comparing it to the libraries listed below.
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops ☆42 · Updated last year
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters ☆101 · Updated last year
- ☆29 · Updated 3 years ago
- ASN reconnaissance script ☆125 · Updated last year
- This repository contains an example Python API that is vulnerable to several different web API attacks. ☆27 · Updated 6 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level… ☆60 · Updated 6 years ago
- GraphQL security workshop labs ☆102 · Updated 8 months ago
- Clientside vulnerability / reflected xss fuzzer ☆150 · Updated last year
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests. ☆154 · Updated last week
- A tool geared towards pentesting APIs using OpenAPI definitions. ☆174 · Updated 2 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks ☆80 · Updated 2 years ago
- HTTP parameter discovery suite. ☆94 · Updated 4 years ago
- ☆71 · Updated 4 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the … ☆51 · Updated 3 years ago
- ☆17 · Updated 3 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers. ☆137 · Updated 5 years ago
- All-in-one AWS S3 bucket tool for pentesters. ☆72 · Updated 6 years ago
- VyAPI - A cloud based vulnerable hybrid Android App ☆84 · Updated 5 years ago
- Push notifications for passive DNS data ☆108 · Updated 8 years ago
- Automatically modify the User-Agent header in all Burp requests ☆55 · Updated 7 years ago
- Suite of programs meant to aid in bug hunting and security assessments ☆77 · Updated 5 years ago
- A Burp Suite Extension for parsing Project Files from the CLI. ☆87 · Updated 6 months ago
- A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability. ☆164 · Updated 5 years ago
- Reclaim control of your Burp Suite Repeater tabs with this powerful extension ☆67 · Updated 3 years ago
- Misc bounty and vulndisc things ☆84 · Updated 4 years ago
- ☆61 · Updated 8 months ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,… ☆53 · Updated 4 years ago
- Damn Vulnerable WordPress Site ☆51 · Updated 2 years ago
- learning case to prepare OSWE ☆37 · Updated 5 years ago
- ☆20 · Updated last year