Alternatives and similar repositories for ctf01d

Users that are interested in ctf01d are comparing it to the libraries listed below

• yeswehack / pp-finder
  PP-finder Help you find gadget for prototype pollution exploitation
  ☆185Updated last year
• kunte0 / phar-jpg-polyglot
  Phar + JPG Polyglot generator and playground (CTF CODE)
  ☆95Updated 7 years ago
• voidz0r / CVE-2022-44268
  A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
  ☆217Updated 9 months ago
• mogwailabs / DNSrebinder
  A python based minimal DNS server to test/verify DNS rebinding attacks
  ☆69Updated 2 years ago
• KTH-LangSec / server-side-prototype-pollution
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆221Updated 11 months ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆281Updated 3 months ago
• zeyu2001 / My-CTF-Challenges
  Challenges I wrote for various CTF competitions
  ☆45Updated last year
• yevh / VulnPlanet
  Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)
  ☆165Updated last year
• silentsignal / rsa_sign2n
  Deriving RSA public keys from message-signature pairs
  ☆362Updated last year
• neex / 1u.ms
  ☆185Updated 6 months ago
• hackvertor / blind-css-exfiltration
  ☆124Updated 2 years ago
• Horlad / r3dir
  HTTP redirection service designed to help bypass SSRF filters. Integrated with Burp Suite.
  ☆60Updated 6 months ago
• Orange-Cyberdefense / grepmarx
  A source code static analysis platform for AppSec enthusiasts.
  ☆265Updated last month
• teambi0s / dfunc-bypasser
  This tool is for letting you know how strong your disable_functions is and how you can bypass that.
  ☆141Updated 6 years ago
• Syzik / DockerRegistryGrabber
  Enumerate / Dump Docker Registry
  ☆180Updated last year
• BlackFan / BFScan
  Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used …
  ☆237Updated last month
• Invicti-Security / brainstorm
  A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery
  ☆380Updated last year
• 0xGodson / blogs
  ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com
  ☆21Updated 3 years ago
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• Hakumarachi / Loose-Compare-Tables
  A complete table of results of types comparison in multiple languages
  ☆36Updated 3 years ago
• srini0x00 / dvta
  Damn Vulnerable Thick Client App developed in C# .NET
  ☆171Updated 2 years ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆436Updated 5 months ago
• wdahlenburg / werkzeug-debug-console-bypass
  Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…
  ☆62Updated 3 years ago
• pomo-mondreganto / ForcAD
  Pure-python distributable Attack-Defence CTF platform, created to be easily set up.
  ☆174Updated 2 years ago
• j0lt-github / python-deserialization-attack-payload-generator
  Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpick…
  ☆125Updated 2 years ago
• Ambrotd / XXE-Notes
  XXE techniques
  ☆12Updated 4 years ago
• user0x1337 / CVE-2022-39227
  CVE-2022-39227 : Proof of Concept
  ☆22Updated last year
• dhmosfunk / CVE-2023-25690-POC
  CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request …
  ☆282Updated last year
• NotSoSecure / NotSoCereal-Lab
  NotSoCereal: A Deserialization exploit playground
  ☆54Updated 3 years ago
• jhonnybonny / bitrix-nuclei-templates
  Some nuclei templates for pentest CMS Bitrix
  ☆37Updated last month