Alternatives and similar repositories for vulnerablemcp

Users that are interested in vulnerablemcp are comparing it to the libraries listed below

• Outpost24 / outpost24-cors-check
  Additional active scan checks for BURP
  ☆27Updated 8 months ago
• tenable / hidden-services-revealer
  ☆36Updated 10 months ago
• NodyHub / zipslipper
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆47Updated 8 months ago
• bjornhels / CVE-2025-30065
  PoC
  ☆12Updated 2 months ago
• WhiteOakSecurity / GoAWSConsoleSpray
  Tool to spray AWS Console IAM Logins
  ☆29Updated 2 years ago
• JosephTLucas / vger
  An interactive CLI application for interacting with authenticated Jupyter instances.
  ☆53Updated last month
• mrwadams / otx-mcp
  ☆16Updated last month
• JupiterOne-Archives / j1nuclei
  ☆14Updated last year
• inguardians / ivanti-VPN-issues-2024-research
  Invanti VPN Vulnerabilities for Jan - Feb 2024 - Links to Keep it all Organized
  ☆16Updated last year
• Verizon / verizon_burp_extensions_ai
  Verizon Burp Extensions: AI Suite
  ☆131Updated last month
• skylightcyber / soygun
  ☆10Updated 4 years ago
• harekrishnarai / Damn-vulnerable-sca
  Damn Vulnerable SCA Application
  ☆36Updated last month
• s0rcy / semgrep-rules
  Collection of Semgrep rules for security analysis
  ☆10Updated last year
• infosecak / DVBE
  Damn Vulnerable Browser Extension (DVBE), previously named as Badly Coded Browser Extension (BCBE), is an open-source vulnerable Chrome E…
  ☆24Updated 3 months ago
• 5stars217 / malicious_models
  using ML models for red teaming
  ☆43Updated last year
• h3xstream / waf-workshop
  ☆16Updated 2 years ago
• raesene / k8s_ssrf_portscanner
  ☆31Updated 2 years ago
• doyensec / cloudsec-tidbits
  Blogpost series showcasing interesting cloud - web app security bugs
  ☆49Updated last year
• xforcered / MLOKit
  MLOps Attack Toolkit
  ☆17Updated 5 months ago
• pocahon / jsontoneo
  ☆12Updated 2 months ago
• AbstractClass / CloudPrivs
  Determine privileges from cloud credentials via brute-force testing.
  ☆69Updated 9 months ago
• monoxgas / minibus
  Remote code execution in Power Platform connectors via JSON deserialization
  ☆22Updated 2 years ago
• Devang-Solanki / recon.cloud
  recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…
  ☆23Updated 2 years ago
• AdnaneKhan / ActionsCacheBlasting
  Proof-of-concept code for research into GitHub Actions Cache poisoning.
  ☆21Updated 3 months ago
• doyensec / CVE-2022-39299_PoC_Generator
  A Simple CVE-2022-39299 PoC exploit generator to bypass authentication in SAML SSO Integrations using vulnerable versions of passport-sam…
  ☆19Updated 2 years ago
• hackvertor / shadow-repeater
  ☆36Updated last month
• doyensec / PoiEx
  🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends
  ☆73Updated last year
• Leoid / Burp2Slack
  Push notifications to Slack channel or to custom server based on BurpSuite response conditions.
  ☆17Updated 4 years ago
• abhisek / supply-chain-security-gateway
  Reference architecture and proof of concept implementation for supply chain security gateway
  ☆23Updated 2 years ago
• PortSwigger / paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆32Updated 2 years ago