Alternatives and similar repositories for Tornado_Demo_Vuln_App

Users that are interested in Tornado_Demo_Vuln_App are comparing it to the libraries listed below

• immunIT / CVE-2018-11759
  Proof of concept showing how to exploit the CVE-2018-11759
  ☆40Updated 7 years ago
• mseclab / Burp-PyJFuzz
  Burp Suite plugin which implement PyJFuzz for fuzzing web application.
  ☆56Updated 8 years ago
• 1337g / CVE-2017-10271
  CVE-2017-10271 WEBLOGIC RCE (TESTED)
  ☆39Updated 8 years ago
• 0ang3el / HQLi-playground
  ☆46Updated 9 years ago
• zayedaljaberi / urlfuzzing
  Advance URL Fuzzing + Whois Domain running on python
  ☆18Updated 3 years ago
• jasonsheh / FingerScan
  ☆14Updated 7 years ago
• GoSecure / break-fast-serial
  A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs
  ☆55Updated 8 years ago
• silentsignal / burp-collab-gw
  Simple socket-based gateway to the Burp Collaborator
  ☆34Updated 9 years ago
• Stahlz / JQShell
  A weaponized version of CVE-2018-9206
  ☆62Updated 7 years ago
• agienka / blindy
  Simple script to automate brutforcing blind sql injection vulnerabilities
  ☆50Updated 8 years ago
• RUB-NDS / DTD-Attacks
  Tests for different parsers from Ruby, Python, .NET, PHP, Perl, Java
  ☆55Updated 9 years ago
• vah13 / SAP_vulnerabilities
  DoS PoC's for SAP products
  ☆51Updated 7 years ago
• Blizzo / tools
  Simple, useful scripts for red/blue team situations
  ☆22Updated 10 years ago
• brianwrf / S2-053-CVE-2017-12611
  A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)
  ☆37Updated 8 years ago
• neargle / Go-Get-RCE-CVE-2018-6574-POC
  CVE-2018-6574 POC : golang 'go get' remote command execution during source code build
  ☆24Updated 3 years ago
• LinkedInAttic / sometime
  A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities
  ☆60Updated 8 years ago
• riusksk / FlashScanner
  Flash XSS Scanner
  ☆54Updated 9 years ago
• chaitin / sqlchop-http-proxy
  SQLChop reverse http proxy module
  ☆32Updated 10 years ago
• zerothoughts / jndipoc
  Proof of concept showing how java byte code can be injected through InitialContext.lookup() calls
  ☆42Updated 9 years ago
• jpiechowka / jenkins-cve-2016-0792
  Exploit for Jenkins serialization vulnerability - CVE-2016-0792
  ☆49Updated 8 years ago
• irsl / struts-any-results
  Demonstrating why Dynamic Method Invocation with unrestricted method names (the old default of Struts) is dangerous.
  ☆12Updated 7 years ago
• dionach / CodeIgniterXor
  CodeIgniter <=2.1.4 session cookie decryption vulnerability
  ☆39Updated 9 years ago
• securityroots / passdb
  Ruby interface to cirt.net default passwords database
  ☆19Updated 14 years ago
• roo7break / serialator
  Python script to exploit CVE-2015-4852.
  ☆31Updated 9 years ago
• xinali / penework
  Penetration Test Framwork
  ☆22Updated 7 years ago
• debasishm89 / dotNetFuzz
  A quick and dirty .NET "Deserialize_*" fuzzer based on James Forshaw's (@tiraniddo) DotNetToJScript.
  ☆42Updated 7 years ago
• armourbird / csf
  ArmourBird CSF - Container Security Framework
  ☆44Updated 3 years ago
• floyd-fuh / burp-HttpFuzzer
  Burp plugin to do random fuzzing of HTTP requests
  ☆33Updated 8 years ago
• sisoc-tokyo / Real-timeDetectionAD_journal
  ☆24Updated 5 years ago
• mbechler / serjs
  A Java serializer in JavaScript
  ☆81Updated 7 years ago