vulnerable-apps / awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
☆32Updated last year
Related projects ⓘ
Alternatives and complementary repositories for awesome-vulnerable
- Collection of Docker honeypot logs from 2021 - 2024☆35Updated last month
- A Caldera plugin for the emulation of complete, realistic cyberattack chains.☆44Updated last month
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆36Updated last month
- Living Off Security Tools☆41Updated 3 weeks ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆39Updated 3 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆45Updated 2 months ago
- Nuclei plugins to audit Chrome extensions☆64Updated 4 months ago
- The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP syst…☆47Updated 6 months ago
- ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify …☆69Updated last month
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆40Updated 2 months ago
- Canary Detection☆162Updated 7 months ago
- God Mode Detection Rules☆131Updated 3 months ago
- Email enumerator, username generator, and context validator for hunter.io, snov.io, and skrapp.io☆77Updated 3 months ago
- External Playbooks for Public Access☆31Updated 8 months ago
- Workshop resources and materials for Workshop presented at DefCon and other security conferences - Creating and Uncovering Malicious Cont…☆43Updated 7 months ago
- ☆40Updated 2 months ago
- Provides an overview of the inner file structure of a PDF☆24Updated 2 years ago
- Basic protection against HTML smuggling attempts.☆43Updated this week
- This is a RSS feed collection for all the InfoSec Content Creators☆30Updated last year
- https://lolad-project.github.io/☆62Updated 2 weeks ago
- Crawlector is a threat hunting framework designed for scanning websites for malicious objects.☆125Updated 11 months ago
- AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.☆46Updated this week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆107Updated 2 months ago
- A Pentest Collaboration and Reporting Tool☆50Updated this week
- moniorg is a tool that leverages crt.sh website to monitor domains of a target☆47Updated last year
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆62Updated 10 months ago
- ☆69Updated last month
- Dredging up secrets from the depths of the file system☆115Updated 2 weeks ago
- ☆115Updated last year
- An LLM and OCR based Indicator of Compromise Extraction Tool☆31Updated 7 months ago