webpwnized / mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
☆1,265Updated this week
Related projects ⓘ
Alternatives and complementary repositories for mutillidae
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p…☆1,502Updated last year
- A curated list of amazingly awesome Burp Extensions☆2,988Updated 3 weeks ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,817Updated last week
- Advanced vulnerability scanning with Nmap NSE☆3,467Updated last month
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆874Updated 2 weeks ago
- ☆2,180Updated 11 months ago
- This script is intended to automate your reconnaissance process in an organized fashion☆1,920Updated 3 years ago
- Web and mobile application security training platform☆1,345Updated 4 months ago
- A script that you can run in the background!☆2,725Updated 3 months ago
- Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications…☆1,202Updated last month
- Take a list of domains and probe for working HTTP and HTTPS servers☆2,865Updated 4 months ago
- A Tool for Domain Flyovers☆5,639Updated 2 years ago
- Automated NoSQL database enumeration and web application exploitation tool.☆2,912Updated 3 months ago
- Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management☆3,560Updated this week
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,681Updated 3 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,979Updated 2 weeks ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,696Updated 2 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,784Updated 6 months ago
- Web application fuzzer☆5,954Updated 2 months ago
- Automatic SSRF fuzzer and exploitation tool☆2,986Updated 4 months ago
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,591Updated this week
- The Multi-Tool Web Vulnerability Scanner.☆1,762Updated last year
- Notes about attacking Jenkins servers☆1,961Updated 3 months ago
- A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.☆1,519Updated last year
- Knock Subdomain Scan☆3,876Updated 3 months ago
- DNS Enumeration Script☆2,635Updated this week
- A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT S…☆2,578Updated last year
- This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XS…☆1,031Updated 3 months ago
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆3,753Updated last month
- Attack Surface Management Platform☆8,077Updated 2 weeks ago