webpwnized / mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
☆1,311Updated 2 months ago
Alternatives and similar repositories for mutillidae:
Users that are interested in mutillidae are comparing it to the libraries listed below
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,742Updated 3 years ago
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p…☆1,547Updated 2 years ago
- Automated NoSQL database enumeration and web application exploitation tool.☆3,008Updated 6 months ago
- The Bug Hunters Methodology☆4,006Updated last year
- This script is intended to automate your reconnaissance process in an organized fashion☆1,950Updated 3 years ago
- 🎯 Command Injection Payload List☆3,131Updated 7 months ago
- A curated list of amazingly awesome Burp Extensions☆3,078Updated last week
- Automatic SSRF fuzzer and exploitation tool☆3,084Updated 8 months ago
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆877Updated 3 months ago
- Writeups for HacktheBox 'boot2root' machines☆1,938Updated last year
- Take a list of domains and probe for working HTTP and HTTPS servers☆2,949Updated 7 months ago
- Web application fuzzer☆6,059Updated 6 months ago
- Red Teaming & Pentesting checklists for various engagements☆2,525Updated 6 months ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,844Updated 2 months ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,868Updated 10 months ago
- Knock Subdomain Scan☆3,940Updated 3 months ago
- A script that you can run in the background!☆2,803Updated 6 months ago
- ☆2,349Updated 6 months ago
- Notes about attacking Jenkins servers☆2,031Updated 7 months ago
- Web and mobile application security training platform☆1,368Updated 7 months ago
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,141Updated 2 years ago
- HTTP parameter discovery suite.☆5,439Updated 2 months ago
- A multi-platform bug bounty toolkit that can be installed on Debian/Ubuntu or set up with Docker.☆1,116Updated last year
- ☆2,237Updated last year
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,317Updated 8 months ago
- Open source education content for the researcher community☆2,658Updated 2 years ago
- Penetration tests guide based on OWASP including test cases, resources and examples.☆2,539Updated 2 years ago
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆4,897Updated last week
- This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.☆3,354Updated 2 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆3,812Updated 6 months ago