Web application with vulnerabilities found in real cases, both in pentests and in Bug Bounty programs.
☆171Nov 17, 2023Updated 2 years ago
Alternatives and similar repositories for web-hacking-playground
Users that are interested in web-hacking-playground are comparing it to the libraries listed below
Sorting:
- Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using…☆152Dec 26, 2023Updated 2 years ago
- Cloud Exploit Framework☆112May 11, 2022Updated 3 years ago
- A tool to parse, deduplicate, and query multiple port scans.☆57Aug 11, 2023Updated 2 years ago
- Gampung tools for find nuclei template from github☆12Sep 6, 2023Updated 2 years ago
- ☆16Oct 30, 2022Updated 3 years ago
- Saves pages to Wayback machine☆12Dec 2, 2024Updated last year
- Scripts and piece of codes used for Active Directory configuration☆83Feb 14, 2023Updated 3 years ago
- The motive to build this repo is to help beginner to start learn Android Pentesting by providing a roadmap.☆436Jul 11, 2022Updated 3 years ago
- recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…☆25Feb 11, 2023Updated 3 years ago
- ☆30Jul 28, 2024Updated last year
- hackxpert labs☆18Jun 29, 2022Updated 3 years ago
- Modular framework to exploit UPS devices☆64Mar 1, 2023Updated 3 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- A Collection of articles, videos, blogs, talks and other materials on Node.js Security☆26Jul 10, 2019Updated 6 years ago
- A simple tool for bypassing file upload restrictions.☆893Jul 22, 2024Updated last year
- Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare☆58Jan 10, 2023Updated 3 years ago
- Subdomains analysis and generation tool. Reveal the hidden!☆244Jun 8, 2025Updated 9 months ago
- ☆46Mar 20, 2021Updated 4 years ago
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆128Jun 2, 2022Updated 3 years ago
- Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo…☆272Jan 18, 2023Updated 3 years ago
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…☆12Aug 26, 2024Updated last year
- 🚪 Quick & dirty Wordpress Command Execution Shell☆66Jan 24, 2022Updated 4 years ago
- Find subdomains on GitLab.☆106Apr 28, 2024Updated last year
- Cannon is a post-exploitation framework fully developed using python3. You will be able to download and upload files, run pre-defined mod…☆19Jul 21, 2021Updated 4 years ago
- Highly configurable script for dictionary/spray attacks against online web applications.☆53Nov 8, 2022Updated 3 years ago
- Real world bug bounty wordlists☆116Jul 20, 2023Updated 2 years ago
- Burp Suite Certified Practitioner Exam Study☆1,325Feb 5, 2026Updated last month
- Tool to fuzz for interesting vhost.☆23Jan 8, 2025Updated last year
- Wordlists handcrafted (and automated) with ♥☆230Aug 1, 2025Updated 7 months ago
- 🔭 Collection of regexp pattern for security passive scanning☆116Feb 18, 2023Updated 3 years ago
- Here you will find information and examples about the most known vulnerabilities in the Bug Bounty world! [ EN ESPAÑOL ]☆14Oct 23, 2021Updated 4 years ago
- An open-source self-hosted purple team management web application.☆304Feb 15, 2026Updated 3 weeks ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆180Feb 14, 2023Updated 3 years ago
- An XSS exploitation command-line interface and payload generator.☆1,415Jan 19, 2025Updated last year
- An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code …☆406Jan 22, 2025Updated last year
- Wireless Intrusion Detection System for Hak5's WiFi Coconut☆31Apr 5, 2023Updated 2 years ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Oct 12, 2024Updated last year
- D3Ext's Forward Shell☆120Oct 15, 2023Updated 2 years ago
- Kubernetes exploitation tool☆362Feb 25, 2026Updated last week