Alternatives and similar repositories for Web-CTF-Challenges

Users that are interested in Web-CTF-Challenges are comparing it to the libraries listed below

• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆86Updated 4 years ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆126Updated 2 years ago
• Cache-Money / chronorace
  ☆73Updated 4 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• righettod / burp-piper-custom-scripts
  Custom scripts for the PIPER Burp extensions.
  ☆98Updated 2 years ago
• assetnote / h2csmuggler
  ☆75Updated 2 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆132Updated 4 years ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• vavkamil / wp-update-confusion
  WordPress Plugin Update Confusion
  ☆67Updated 4 years ago
• neex / ghostinthepdf
  ☆170Updated 4 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 5 years ago
• smiegles / extract-relative-url-heapsnapshot
  Extract relative urls from a heap snapshot
  ☆87Updated 4 years ago
• defparam / haptyc
  ☆95Updated 4 years ago
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆32Updated 3 years ago
• akabe1 / OAUTHScan
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆175Updated last year
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• synopsys-sig / ATOR-Burp
  ☆88Updated last year
• Rhynorater / reports
  ☆60Updated last year
• BuffaloWill / burpsuite-project-file-parser
  A Burp Suite Extension for parsing Project Files from the CLI.
  ☆90Updated 3 weeks ago
• random-robbie / ssrf-finder
  Pass list of urls with FUZZ in and it will check if it has found a potential SSRF.
  ☆112Updated 3 years ago
• h4ckboy19 / XXE_A_TO_Z
  ☆44Updated 4 years ago
• d3k4z / burp-copy-as-ffuf
  Burp Extension that copies a request and builds a FFUF skeleton
  ☆112Updated 2 years ago
• bytebutcher / burp-send-to
  Adds a customizable "Send to..."-context-menu to your BurpSuite.
  ☆163Updated 3 years ago
• GoSecure / template-injection-workshop
  Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
  ☆129Updated 3 years ago
• OlivierLaflamme / Auditing-Vulnerabilities
  In this repository I'll host my research and methodologies for auditing vulnerabilities
  ☆29Updated 6 years ago
• war-and-code / akamai-arl-hack
  Script to test open Akamai ARL vulnerability.
  ☆70Updated 4 years ago
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆164Updated 4 years ago
• defparam / h1stats
  a tool that compiles a csv of all h1 program stats
  ☆49Updated 2 years ago
• opnsec / postMessage-logger
  Simple "postMessage logger" Chrome extension
  ☆103Updated 5 years ago
• MrMax4o4 / Hunting-Tips
  ☆11Updated 5 years ago