skiptomyliu / solutions-bwapp

Related projects ⓘ

Alternatives and complementary repositories for solutions-bwapp

• trietptm / SQL-Injection-Payloads
  SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...
  ☆226Updated 4 years ago
• frizb / Bypassing-Web-Application-Firewalls
  A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers
  ☆273Updated 6 years ago
• 1hack0 / bug-bounty-101
  Happy Hunting
  ☆137Updated 5 years ago
• h3xstream / http-script-generator
  ZAP/Burp plugin that generate script to reproduce a specific HTTP request (Intended for fuzzing or scripted attacks)
  ☆288Updated last year
• nixawk / fuzzdb
  Web Fuzzing Discovery and Attack Pattern Database
  ☆113Updated 6 years ago
• m6a-UdS / ssrf-lab
  Lab for exploring SSRF vulnerabilities
  ☆245Updated 3 years ago
• foobarto / redteam-notebook
  Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.
  ☆432Updated 3 years ago
• Varbaek / xsser
  From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
  ☆423Updated 4 years ago
• PortSwigger / xss-validator
  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
  ☆85Updated 2 years ago
• emadshanab / facebook-bug-bounty-writeups
  Facebook Bug Bounties
  ☆101Updated 3 years ago
• evilcos / xss.swf
  a tiny tool for swf hacking, just browse it:)
  ☆238Updated 11 years ago
• paralax / xss-labs
  small set of scripts to practice exploit XSS and CSRF vulnerabilities
  ☆58Updated 6 years ago
• codewatchorg / bypasswaf
  Add headers to all Burp requests to bypass some WAF products
  ☆330Updated 6 years ago
• PortSwigger / command-injection-attacker
  SHELLING - a comprehensive OS command injection payload generator
  ☆105Updated 5 years ago
• BugHunterID / HackerOneDB
  The unofficial HackerOne disclosure Timeline
  ☆135Updated 5 years ago
• NytroRST / XSSFuzzer
  XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.
  ☆138Updated 5 years ago
• joernchen / xxeserve
  XXE Out of Band Server.
  ☆169Updated last year
• adamdoupe / WackoPicko
  WackoPicko is a vulnerable web application used to test web application vulnerability scanners.
  ☆328Updated 5 months ago
• summitt / burp-ysoserial
  YSOSERIAL Integration with burp suite
  ☆162Updated last year
• Bo0oM / WAF-bypass-Cheat-Sheet
  Another way to bypass WAF Cheat Sheet (draft)
  ☆415Updated 5 years ago
• P0cL4bs / kadimus
  kadimus is a tool to check and exploit lfi vulnerability.
  ☆514Updated 4 years ago
• NickstaDB / DeserLab
  Java deserialization exploitation lab.
  ☆236Updated 5 years ago
• kacperszurek / exploits
  ☆259Updated 5 years ago
• ewilded / shelling
  SHELLING - a comprehensive OS command injection payload generator
  ☆438Updated 4 years ago
• WangYihang / Exploit-Framework
  An Exploit framework for Web Vulnerabilities written in Python
  ☆170Updated 4 years ago
• nccgroup / CrossSiteContentHijacking
  Content hijacking proof-of-concept using Flash, PDF and Silverlight
  ☆381Updated 5 years ago
• gottburgm / Exploits
  Containing Self Made Perl Reproducers / PoC Codes
  ☆195Updated 4 years ago
• davevs / dvxte
  Damn Vulnerable eXtensive Training Environment
  ☆102Updated 2 years ago