Alternatives and similar repositories for VulnLabs

Users that are interested in VulnLabs are comparing it to the libraries listed below

• ettic-team / EndpointFinder-Burp
  ☆32Updated 6 years ago
• netscylla / JWT_Hacking
  Collection of scripts that aid in penetration testing of JSON Web Tokens
  ☆59Updated 6 years ago
• hoainam1989 / training-application-security
  This repository for training application security.
  ☆26Updated 6 years ago
• Team-Firebugs / Burp-LFI-tests
  Fuzzing for LFI using Burpsuite
  ☆66Updated 9 years ago
• no-sec-marko / java-web-vulnerabilities
  Plattform to develop and experiment with existing java web attacks.
  ☆31Updated 7 years ago
• hahwul / ras-fuzzer
  RAS(RAndom Subdomain) Fuzzer
  ☆42Updated 5 years ago
• adamyordan / offbyslash-django-dumper
  A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.
  ☆24Updated 3 years ago
• twelvesec / BearerAuthToken
  This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…
  ☆47Updated 6 years ago
• dreadlocked / SSRFmap
  Simple Server Side Request Forgery services enumeration tool.
  ☆55Updated 7 years ago
• appsecco / VyAPI
  VyAPI - A cloud based vulnerable hybrid Android App
  ☆86Updated 5 years ago
• lc / cspparse
  A tool to evaluate Content Security Policies.
  ☆71Updated 5 years ago
• starhackerz / toriprotate
  Simple burp extension for routing traffic over tor. It instruments tor to switch to a new circuit after every N requests.
  ☆20Updated 3 years ago
• augustd / burp-suite-error-message-checks
  Burp Suite extension to passively scan for applications revealing server error messages
  ☆64Updated last year
• PortSwigger / psycho-path
  psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…
  ☆19Updated 7 years ago
• profmoriarity / wfuxx
  web-based-fuzzer
  ☆32Updated 5 years ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆58Updated 5 years ago
• antichown / vpn-ssl-pulse
  Pulse SSL VPN Arbitrary File Read burp extension
  ☆24Updated 6 years ago
• hahwul / websocket-connection-smuggler
  websocket-connection-smuggler
  ☆66Updated 5 years ago
• foospidy / web-cve-tests
  A simple framework for sending test payloads for known web CVEs.
  ☆133Updated 4 years ago
• eur0pa / goGetBucket
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆26Updated 7 years ago
• EdOverflow / curate
  A tool for fetching archived URLs (to be rewritten in Go).
  ☆41Updated 7 years ago
• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆46Updated 2 years ago
• crawl3r / PortswiggerXSS
  gathers the XSS cheatsheet payloads and creates a usable wordlist
  ☆74Updated 4 years ago
• BountyMachine / about
  A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!
  ☆34Updated 7 years ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated 2 years ago
• arbazkiraak / BurpBLH
  Broken Link Hijacking Burp Extension
  ☆57Updated 6 years ago
• samhaxr / XXRF-Shots
  XXRF Shots - Useful for testing SSRF vulnerability
  ☆74Updated 2 years ago
• abdilahrf / shania
  Scan secrets from Continuous Integration Build Logs
  ☆53Updated 6 years ago
• PortSwigger / burp-smart-buster
  A Burp Suite content discovery plugin that add the smart into the Buster!
  ☆32Updated 7 years ago
• Cyb3rMehul / venom
  Auto Recon Bash Script
  ☆31Updated 11 months ago