vulnerable-apps / awesome-vulnerableLinks
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
☆48Updated 2 years ago
Alternatives and similar repositories for awesome-vulnerable
Users that are interested in awesome-vulnerable are comparing it to the libraries listed below
Sorting:
- ☆116Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Updated last year
- ☆94Updated last month
- Nuclei plugins to audit Chrome extensions☆65Updated last year
- External Playbooks for Public Access☆40Updated 11 months ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Updated last month
- ☆40Updated 2 months ago
- gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess…☆79Updated 7 months ago
- Burp Suite extension for testing Passkey systems.☆75Updated 9 months ago
- Collection of all previous 1337UP CTF challenges.☆78Updated last year
- HardeningMeter is an open-source Python tool carefully designed to comprehensively assess the security hardening of binaries and systems.☆65Updated last year
- LLM Testing Findings Templates☆75Updated last year
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆67Updated last year
- Workshop resources and materials for Workshop presented at DefCon and other security conferences - Creating and Uncovering Malicious Cont…☆50Updated last year
- FrogPost: postMessage Security Testing Tool☆105Updated last month
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- Hijack a slack bot to phish your way in☆57Updated 5 months ago
- Examine Chrome extensions for security issues☆92Updated 2 months ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆42Updated 2 years ago
- Some of my rough notes for Docker threat detection☆47Updated 2 years ago
- ☆114Updated 2 years ago
- Cake Fuzzer is a project that is meant to help automatically and continuously discover vulnerabilities in web applications created based …☆105Updated 5 months ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆73Updated last year
- A multi-cloud DNS record scanner that aims to help cybersecurity/IT analysts identify dangling CNAME records in their cloud DNS services …☆50Updated 2 years ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated last year
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities☆31Updated 2 months ago
- A curated list of argument injection vectors☆41Updated 11 months ago
- An automated security testing platform that uses Large Language Models (LLMs) to autonomously solve CTF challenges and penetration testin…☆190Updated this week
- Converting your Burp Suite projects into JSON APIs which can be viewed with Swagger editor or imported into Postman.☆75Updated last year