vulnerable-apps / awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
☆28Updated last year
Related projects ⓘ
Alternatives and complementary repositories for awesome-vulnerable
- Collection of Docker honeypot logs from 2021 - 2024☆35Updated last month
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆34Updated last month
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆39Updated 2 months ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆45Updated last month
- ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify …☆68Updated 2 weeks ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆39Updated 10 months ago
- Living Off Security Tools☆37Updated 2 weeks ago
- A Caldera plugin for the emulation of complete, realistic cyberattack chains.☆44Updated 2 weeks ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆58Updated last year
- ☆40Updated 2 months ago
- An LLM and OCR based Indicator of Compromise Extraction Tool☆30Updated 7 months ago
- A collection of tools that I use in CTF's or for assessments☆55Updated 3 weeks ago
- All kinds of tiny shells☆59Updated last year
- ☆23Updated last year
- Provides an overview of the inner file structure of a PDF☆24Updated 2 years ago
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆58Updated 4 months ago
- Repository that contains a set of purposefully erroneous Yara rules.☆48Updated 9 months ago
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- External Playbooks for Public Access☆31Updated 7 months ago
- Offensive Kubernetes Threat Matrix -- kubenomicon.com☆27Updated this week
- ☆77Updated 7 months ago
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆82Updated last month
- Artifact monitoring that ensures fairplay☆66Updated last year
- CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to …☆118Updated 6 months ago
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆62Updated 9 months ago
- ☆31Updated 4 months ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities☆25Updated 3 months ago
- Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated dai…☆36Updated this week
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆122Updated last month