Alternatives and similar repositories for Tornado_Demo_Vuln_App

Users that are interested in Tornado_Demo_Vuln_App are comparing it to the libraries listed below

• 1337g / CVE-2017-10271
  CVE-2017-10271 WEBLOGIC RCE (TESTED)
  ☆39Updated 7 years ago
• zayedaljaberi / urlfuzzing
  Advance URL Fuzzing + Whois Domain running on python
  ☆17Updated 2 years ago
• vah13 / SAP_vulnerabilities
  DoS PoC's for SAP products
  ☆52Updated 7 years ago
• alexvanmaele / ics-checklist
  Industrial Security Checklist
  ☆10Updated 8 years ago
• migolovanov / libinjection-fuzzer
  This tool was written as PoC to article https://waf.ninja/libinjection-fuzz-to-bypass/
  ☆38Updated 7 years ago
• knqyf263 / CVE-2019-6467
  CVE-2019-6467 (BIND nxdomain-redirect)
  ☆26Updated 6 years ago
• NetSPI / JIG
  Jira Information Gatherer
  ☆28Updated 7 years ago
• sirpsycho / firecall
  Automate SSH communication with firewalls, switches, etc.
  ☆26Updated 7 years ago
• immunIT / CVE-2018-11759
  Proof of concept showing how to exploit the CVE-2018-11759
  ☆41Updated 6 years ago
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 6 years ago
• lprat / smuggling_detect
  Try to detect HTTP desync attack (https://portswigger.net/blog/http-desync-attacks-request-smuggling-reborn)
  ☆12Updated 5 years ago
• smiegles / certs
  Parse X509 certificates to get the (sub)domains in it.
  ☆28Updated 7 years ago
• tijme / similar-request-excluder
  A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.
  ☆43Updated 5 years ago
• RUB-NDS / DTD-Attacks
  Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
  ☆55Updated 8 years ago
• tnt1200 / passive-dns
  passive dns collector
  ☆10Updated 8 years ago
• pwntester / SpringBreaker
  Exploit PoC for Spring RCE issue (CVE-2011-2894)
  ☆43Updated last year
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆33Updated 8 years ago
• GoSecure / break-fast-serial
  A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
  ☆54Updated 8 years ago
• aipengjie / vulscans
  check cmd execute
  ☆13Updated 8 years ago
• ecbftw / poc
  A collection of published exploits and proof-of-concept code.
  ☆21Updated 7 years ago
• 0ang3el / HQLi-playground
  ☆46Updated 9 years ago
• mpgn / CVE-2019-9580
  CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE
  ☆32Updated 6 years ago
• vulnersCom / detect-rules
  Vulners signature-base software version detection rules
  ☆37Updated 3 years ago
• brianwrf / myPadBuster
  It is a Python+Perl script to exploit ASP.net Padding Oracle vulnerability.
  ☆19Updated 8 years ago
• GrrrDog / ACEDcup
  Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)
  ☆38Updated 9 years ago
• mbechler / serjs
  A Java serializer in JavaScript
  ☆81Updated 7 years ago
• irsl / struts-any-results
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Updated 6 years ago
• preempt / rdpy
  Remote Desktop Protocol in Twisted Python
  ☆26Updated 7 years ago
• mattulm / volgui
  rename
  ☆19Updated 7 years ago
• jayeshchauhan / SKANDA
  OWASP Skanda - SSRF Exploitation Framework
  ☆38Updated 11 years ago