vulnerable-apps / awesome-vulnerableLinks
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
☆40Updated 2 years ago
Alternatives and similar repositories for awesome-vulnerable
Users that are interested in awesome-vulnerable are comparing it to the libraries listed below
Sorting:
- ☆116Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Updated last year
- Nuclei plugins to audit Chrome extensions☆65Updated last year
- Collection of all previous 1337UP CTF challenges.☆74Updated 8 months ago
- An experimental project exploring the use of Large Language Models (LLMs) to solve HackTheBox machines autonomously.☆73Updated this week
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated last year
- gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess…☆79Updated 3 months ago
- Hijack a slack bot to phish your way in☆56Updated 2 months ago
- External Playbooks for Public Access☆39Updated 7 months ago
- ☆50Updated last year
- ☆35Updated 5 months ago
- Collection of Docker honeypot logs from 2021 - 2024☆36Updated 11 months ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆108Updated last year
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities☆29Updated 6 months ago
- ☆85Updated last month
- Burp Suite extension for testing Passkey systems.☆74Updated 5 months ago
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆65Updated last year
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated last year
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆64Updated 10 months ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆104Updated 2 months ago
- Provides an overview of the inner file structure of a PDF☆25Updated 3 years ago
- Additional active scan checks for BURP☆28Updated 11 months ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆74Updated last year
- FrogPost: postMessage Security Testing Tool☆97Updated last week
- LLM Testing Findings Templates☆73Updated last year
- ☆113Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- Burp Suite extension for bypassing client-side encryption for pentesting and bug bounty in WebSocket☆82Updated last month