vulnerable-apps / awesome-vulnerableLinks
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
☆39Updated 2 years ago
Alternatives and similar repositories for awesome-vulnerable
Users that are interested in awesome-vulnerable are comparing it to the libraries listed below
Sorting:
- Nuclei plugins to audit Chrome extensions☆65Updated 11 months ago
- ☆115Updated 2 years ago
- gubble is a tool designed to audit Google Workspace group settings. It analyzes settings such as who can join, view membership, post mess…☆68Updated last month
- Create tar/zip archives that try to exploit zipslip vulnerability.☆47Updated 9 months ago
- Identify hardcoded secrets in static structured text (version 2)☆91Updated 4 months ago
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆37Updated 9 months ago
- A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.☆43Updated 9 months ago
- ☆32Updated 2 months ago
- Burp Suite extension for testing Passkey systems.☆69Updated 2 months ago
- Hijack a slack bot to phish your way in☆55Updated 2 months ago
- ☆35Updated 3 months ago
- Collection of Docker honeypot logs from 2021 - 2024☆36Updated 8 months ago
- 🌐 Visualize and explore IaC ✒️ Create and share notes in VS Code 🤝 Sync notes and findings in real-time with friends☆73Updated last year
- RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances o…☆52Updated 4 months ago
- DelePwn is a security assessment tool designed to identify and demonstrate the risks associated with Google Workspace Domain-Wide Delegat…☆33Updated last month
- ☆64Updated last month
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Updated 10 months ago
- Living Off Security Tools☆45Updated 8 months ago
- FrogPost: postMessage Security Testing Tool☆80Updated last month
- A Pentest Collaboration and Reporting Tool☆63Updated 3 months ago
- An LLM and OCR based Indicator of Compromise Extraction Tool☆33Updated 6 months ago
- NullSection is an Anti-Reversing tool that applies a technique that overwrites the section header with nullbytes.☆65Updated last year
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 2 years ago
- Build a CVE library with aggregated CISA, EPSS and CVSS data☆27Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆57Updated last year
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.☆41Updated last year
- ServiceLens is a Python tool for analyzing services linked to Microsoft 365 domains. It scans DNS records like SPF and DMARC to identify …☆77Updated 8 months ago
- AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.☆70Updated 2 weeks ago
- Framework for Monitoring File Ingestion Source for Yara Matches☆47Updated 3 months ago
- A Caldera plugin for the emulation of complete, realistic cyberattack chains.☆53Updated 3 months ago