s4n7h0 / xvwa
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
☆1,697Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for xvwa
- A collection of PHP backdoors. For educational or testing purposes only.☆2,206Updated 8 months ago
- Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!☆1,886Updated 3 years ago
- A DNS meta-query spider that enumerates DNS records, and subdomains.☆3,361Updated 2 years ago
- Command line utility for searching and downloading exploits☆1,726Updated 5 months ago
- Linux Exploit Suggester; based on operating system release number☆1,778Updated 10 years ago
- Miscellaneous exploit code☆1,521Updated last year
- A modern vulnerable web app☆971Updated 3 years ago
- Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.☆3,579Updated last month
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,333Updated 6 months ago
- ☆2,183Updated 11 months ago
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,618Updated this week
- Rip web accessible (distributed) version control systems: SVN/GIT/HG...☆1,706Updated 4 months ago
- Post Exploitation Collection☆1,554Updated 4 years ago
- Git All the Payloads! A collection of web attack payloads.☆3,629Updated last year
- Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload cre…☆3,446Updated last month
- Sleepy Puppy XSS Payload Management Framework☆1,032Updated 6 years ago
- PHP Webshell with handy features☆2,401Updated last year
- Network Infrastructure Penetration Testing Tool☆1,618Updated 3 years ago
- Damn Small Vulnerable Web☆785Updated 5 months ago
- Collection of CTF Web challenges I made☆2,688Updated last year
- Weaponized web shell☆3,203Updated last month
- A post-exploitation powershell tool for extracting juicy info from memory.☆1,830Updated 4 months ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,684Updated 3 years ago
- online port scan scraper☆1,109Updated last year
- The XSS Hunter service - a portable version of XSSHunter.com☆1,491Updated last year
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,797Updated 7 months ago
- Advanced Web Shell☆573Updated 7 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,996Updated 3 weeks ago
- A collection of PHP exploit scripts, found when investigating hacked servers. These are stored for educational purposes and to test fuzze…☆838Updated 8 months ago