Alternatives and similar repositories for ctf-cheatsheet

Users that are interested in ctf-cheatsheet are comparing it to the libraries listed below

• farisv / PIL-RCE-Ghostscript-CVE-2018-16509
  PoC + Docker Environment for Python PIL/Pillow Remote Shell Command Execution via Ghostscript CVE-2018-16509
  ☆59Updated 4 years ago
• terjanq / same-origin-xss
  Same Origin XSS challenge
  ☆62Updated 3 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 2 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• CsEnox / CVE-2021-22911
  Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1
  ☆58Updated 2 years ago
• p4k03n4t0r / http-request-smuggling
  Blog about HTTP Request Smuggling, including a demo application.
  ☆29Updated 3 years ago
• OlivierLaflamme / Auditing-Vulnerabilities
  In this repository I'll host my research and methodologies for auditing vulnerabilities
  ☆29Updated 5 years ago
• neex / ghostinthepdf
  ☆169Updated 3 years ago
• BlackFan / ctfs
  CTF writeups
  ☆30Updated 3 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆124Updated 2 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆85Updated 4 years ago
• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆48Updated 6 years ago
• cnotin / RazorVulnerableApp
  DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…
  ☆28Updated 5 years ago
• Universe1122 / smuggler.py
  HTTP request smuggling tools
  ☆18Updated 5 years ago
• PalindromeLabs / Java-Deserialization-CVEs
  Compiled dataset of Java deserialization CVEs
  ☆60Updated 5 years ago
• FSecureLABS / N1QLMap
  The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.
  ☆77Updated 5 years ago
• rekter0 / exploits
  ☆51Updated 3 years ago
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆111Updated last year
• vp777 / surferFTP
  SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients
  ☆70Updated 4 years ago
• motikan2010 / CVE-2021-29447
  WordPress - Authenticated XXE (CVE-2021-29447)
  ☆42Updated 3 years ago
• GovTech-CSG / ProxyAgent
  ☆64Updated 3 years ago
• Paradoxis / Flask-Unsign-Wordlist
  The following package is the standalone wordlist-only component to flask-unsign.
  ☆40Updated last year
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆128Updated 2 years ago
• synacktiv / burp-jq
  Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.
  ☆48Updated 4 years ago
• parrot409 / Parmy
  A extension for collecting parameters
  ☆25Updated 4 years ago
• redtimmy / Richsploit
  Exploitation toolkit for RichFaces
  ☆104Updated last year
• angelystor / potato-academy
  Some vulnerability research slides that I made
  ☆12Updated 3 years ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆102Updated last year
• peterjson31337 / tetctf2021
  tetctf2020_amf_writeups
  ☆23Updated 4 years ago
• mpgn / CVE-2019-7609
  RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
  ☆56Updated 5 years ago