yeswehack/vulnerable-code-snippets external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

yeswehack/vulnerable-code-snippets

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/yeswehack/vulnerable-code-snippets)

Close

yeswehack / vulnerable-code-snippetsView on GitHubMore

• External links
• Readme badge

Twitter vulnerable snippets

☆1,123Feb 11, 2026Updated last month

Alternatives and similar repositories for vulnerable-code-snippets

Users that are interested in vulnerable-code-snippets are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• snoopysecurity / Broken-Vulnerable-Code-Snippets

  View on GitHub
  A small collection of vulnerable code snippets
  ☆790Sep 30, 2024Updated last year
• reddelexc / hackerone-reports

  View on GitHub
  Top disclosed reports from HackerOne
  ☆5,406Feb 28, 2026Updated 3 weeks ago
• xnl-h4ck3r / GAP-Burp-Extension

  View on GitHub
  Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
  ☆1,503Jan 8, 2026Updated 2 months ago
• daffainfo / AllAboutBugBounty

  View on GitHub
  All about bug bounty (bypasses, payloads, and etc)
  ☆6,672Sep 8, 2023Updated 2 years ago
• nikitastupin / clairvoyance

  View on GitHub
  Obtain GraphQL API schema even if the introspection is disabled
  ☆1,407Dec 5, 2025Updated 3 months ago
• 0xacb / recollapse

  View on GitHub
  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
  ☆1,297Aug 7, 2025Updated 7 months ago
• imran-parray / Mind-Maps

  View on GitHub
  Mind-Maps of Several Things
  ☆2,631Jun 29, 2023Updated 2 years ago
• BishopFox / jsluice

  View on GitHub
  Extract URLs, paths, secrets, and other interesting bits from JavaScript
  ☆1,782May 22, 2024Updated last year
• dwisiswant0 / awesome-oneliner-bugbounty

  View on GitHub
  A collection of awesome one-liner scripts especially for bug bounty tips.
  ☆3,084Jul 29, 2024Updated last year
• yeswehack / PwnFox

  View on GitHub
  PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
  ☆1,294Aug 7, 2024Updated last year
• streaak / keyhacks

  View on GitHub
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆6,113Aug 14, 2024Updated last year
• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet

  View on GitHub
  A cheat sheet that contains advanced queries for SQL Injection of all types.
  ☆3,159May 13, 2023Updated 2 years ago
• devanshbatham / Awesome-Bugbounty-Writeups

  View on GitHub
  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
  ☆5,581Aug 6, 2023Updated 2 years ago
• KathanP19 / HowToHunt

  View on GitHub
  Collection of methodology and test case for various web vulnerabilities.
  ☆7,049Jun 25, 2025Updated 8 months ago
• kevin-mizu / domloggerpp

  View on GitHub
  A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.
  ☆778Dec 9, 2025Updated 3 months ago
• dolevf / Damn-Vulnerable-GraphQL-Application

  View on GitHub
  Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…
  ☆1,677May 24, 2025Updated 9 months ago
• xnl-h4ck3r / xnLinkFinder

  View on GitHub
  A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secrets
  ☆1,533Mar 8, 2026Updated 2 weeks ago
• six2dez / OneListForAll

  View on GitHub
  Rockyou for web fuzzing
  ☆3,094Mar 11, 2026Updated last week
• r0oth3x49 / ghauri

  View on GitHub
  An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
  ☆3,953Oct 4, 2025Updated 5 months ago
• six2dez / reconftw

  View on GitHub
  reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and findin…
  ☆7,352Mar 13, 2026Updated last week
• Sh1Yo / x8

  View on GitHub
  Hidden parameters discovery suite
  ☆2,033Sep 8, 2024Updated last year
• lc / gau

  View on GitHub
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,853Jan 1, 2025Updated last year
• EdOverflow / can-i-take-over-xyz

  View on GitHub
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,592Feb 8, 2025Updated last year
• bitquark / shortscan

  View on GitHub
  An IIS short filename enumeration tool
  ☆1,131Nov 25, 2024Updated last year
• botesjuan / Burp-Suite-Certified-Practitioner-Exam-Study

  View on GitHub
  Burp Suite Certified Practitioner Exam Study
  ☆1,349Mar 12, 2026Updated last week
• devanshbatham / ParamSpider

  View on GitHub
  Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
  ☆3,021Mar 7, 2026Updated 2 weeks ago
• p0dalirius / Awesome-RCE-techniques

  View on GitHub
  Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
  ☆1,942Oct 7, 2023Updated 2 years ago
• projectdiscovery / interactsh

  View on GitHub
  An OOB interaction gathering server and client library
  ☆4,236Mar 10, 2026Updated last week
• EdOverflow / bugbounty-cheatsheet

  View on GitHub
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,399Sep 14, 2023Updated 2 years ago
• xnl-h4ck3r / waymore

  View on GitHub
  Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!
  ☆2,568Mar 8, 2026Updated 2 weeks ago
• s0md3v / Arjun

  View on GitHub
  HTTP parameter discovery suite.
  ☆6,142Feb 20, 2025Updated last year
• jthack / ffufai

  View on GitHub
  AI-powered ffuf wrapper
  ☆651Dec 4, 2025Updated 3 months ago
• dolevf / graphw00f

  View on GitHub
  graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology…
  ☆818Jun 9, 2025Updated 9 months ago
• Cyber-Buddy / APKHunt

  View on GitHub
  APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…
  ☆959Jan 17, 2025Updated last year
• 0xmaximus / Galaxy-Bugbounty-Checklist

  View on GitHub
  Tips and Tutorials for Bug Bounty and also Penetration Tests.
  ☆1,767Oct 7, 2025Updated 5 months ago
• sAjibuu / Upload_Bypass

  View on GitHub
  A simple tool for bypassing file upload restrictions.
  ☆894Jul 22, 2024Updated last year
• assetnote / kiterunner

  View on GitHub
  Contextual Content Discovery Tool
  ☆3,121Apr 29, 2024Updated last year
• hisxo / ReconAIzer

  View on GitHub
  A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomain…
  ☆888May 3, 2023Updated 2 years ago
• projectdiscovery / nuclei-templates

  View on GitHub
  Community curated list of templates for the nuclei engine to find security vulnerabilities.
  ☆12,058Updated this week