PAYGoat is a banking application built for educational purposes, focused on exploring and understanding common business logic flaws in financial platforms.
☆187Feb 18, 2026Updated 2 weeks ago
Alternatives and similar repositories for PAYGoat
Users that are interested in PAYGoat are comparing it to the libraries listed below
Sorting:
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated 11 months ago
- These are installation notes based on Mayfly's installation notes. They are more streamlined for Vagrant as I did not take the Docker rou…☆28Jun 19, 2024Updated last year
- SATO is a PowerShell tool focuses on providing flexible, multi-grant type support for obtaining, managing, and analyzing Azure tokens.☆22Nov 24, 2025Updated 3 months ago
- Persistence techniques for windows.☆19Jun 26, 2023Updated 2 years ago
- ☆36Jul 1, 2025Updated 8 months ago
- Adversary Simulation Framework☆38Aug 19, 2025Updated 6 months ago
- A simple program to query nmap xml files in the terminal.☆27May 4, 2020Updated 5 years ago
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆74Sep 11, 2024Updated last year
- The different ways to dump lsass☆266Aug 15, 2025Updated 6 months ago
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Python tool to automatically perform SPN-less RBCD attacks.☆123Jan 7, 2026Updated last month
- ☆44Oct 1, 2025Updated 5 months ago
- Adversary Emulation Framework☆129Jul 1, 2025Updated 8 months ago
- Exploit AD CS misconfiguration allowing privilege escalation and persistence from any child domain to full forest compromise☆129Dec 2, 2023Updated 2 years ago
- Offensive recon with GitHub Actions☆11Aug 25, 2024Updated last year
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 10 months ago
- A simple tool designed to create Atomic Red Team tests with ease.☆49Mar 11, 2025Updated 11 months ago
- BloodHound-MCP-AI is integration that connects BloodHound with AI through Model Context Protocol, allowing security professionals to anal…☆338Jun 2, 2025Updated 9 months ago
- Intentionally Vulnerable Nodejs Application & APIs☆21Apr 9, 2022Updated 3 years ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆112Jan 12, 2024Updated 2 years ago
- ☆16Jan 23, 2026Updated last month
- A lightweight Python HTTP server with fuzzy filename matching and automatic fallback to directory listing.☆13Aug 28, 2025Updated 6 months ago
- A Burp Suite extension that converts IP addresses to decimal notation, useful for SSRF bypass and WAF evasion testing. Created by Harshad…☆11Dec 9, 2024Updated last year
- ☆12Oct 9, 2022Updated 3 years ago
- Automated script for obfuscating, rebranding and renaming the Havoc C2 Framework to evade AV/EDR and C2 hunters.☆46Aug 13, 2025Updated 6 months ago
- Collection of Notes and CheatSheets used for Red teaming Certs☆494Feb 13, 2023Updated 3 years ago
- PfSense Stored XSS lead to Arbitrary Code Execution exploit☆50Jan 12, 2025Updated last year
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆45Mar 8, 2024Updated last year
- ADDS (Active Directory Domain Services)☆28Feb 3, 2026Updated last month
- ☆682Feb 28, 2026Updated last week
- DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficient…☆16Jan 25, 2026Updated last month
- Free Windows privilege escalation lab inspired by HTB Devel, built for PNPT and OSCP practice.☆23Jan 13, 2026Updated last month
- Webmin 1.910 - Remote Code Execution Using Python Script☆10Feb 6, 2024Updated 2 years ago
- Interactive XSS Labs to get into Client-Side Hacking☆55Feb 25, 2026Updated last week
- Sliver CheatSheet for OSEP☆253Nov 29, 2025Updated 3 months ago
- ZoomBotC2 is a stealthy Command and Control (C2) framework that leverages Zoom's API endpoints for covert communication between implants …☆56Jun 30, 2025Updated 8 months ago
- Unauthenticated Remote Code Execution via Angular-Base64-Upload Library☆26Jul 12, 2025Updated 7 months ago
- ☆29Sep 4, 2024Updated last year
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆147Jul 17, 2025Updated 7 months ago