Web application with vulnerabilities found in real cases, both in pentests and in Bug Bounty programs.
-
Updated
Nov 17, 2023 - Python
#
vulnerable
Here are 22 public repositories matching this topic...
Frida scripts for mobile application dynamic-analysis.
android security demo native reverse-engineering bruteforce penetration-testing dynamic-analysis infosec jni bugbounty frida bypass vulnerable hooking certificate-pinning red-team jni-android bugbounty-tool frida-scripts
-
Updated
Apr 3, 2024 - Python
Wordpress Watcher is a wrapper for WPScan that manages scans on multiple sites and reports by email and/or syslog. Schedule scans and get notified when vulnerabilities, outdated plugins and other risks are found.
wordpress alerts service asynchronous email syslog scan batch automate report bulk auto multiple vulnerable wpscan sites warnings mass
-
Updated
May 9, 2023 - Python
Nikto Vulnerability Report Tool 🌌
reporting project penetration-testing report vulnerability pentesting security-vulnerability vulnerabilities vulnerable nikto vulnerability-scanners security-scanner python-application python-apps security-tools pentest-tool security-testing python-project vulnerability-report report-tool
-
Updated
Jun 28, 2020 - Python
Vulnerable FastAPI in reference to Opensource Web Application Security Project (OWASP) TOP 10: 2021
sql nosql rest-api webapp vulnerable vulnerable-application vulnerable-web-app owasp-top-10 owasp-top-ten fastapi vulnerable-api owasp-top-ten-2021 owasp-top-10-2021
-
Updated
Jan 3, 2022 - Python
This is a vulnerable Flask web application designed to provide a lab environment for people who want to improve their web penetration testing skills. It includes multiple types of vulnerabilities for you to practice exploiting.
python flask penetration-testing flask-application vulnerable vulnerable-application vulnerable-flask-app
-
Updated
Apr 10, 2023 - Python
MonSurf is a Web surfing tool that searches for open/vulnerable IP Addresses, ports, webcams, security cameras, satellites and IoT Devices connected over the Internet through Shodan. Keep in mind that not all features work properly and requires special care, if you emcounter any issues please do share them at the issues sections. Happy Hunting!;)
-
Updated
Oct 8, 2020 - Python
A script that webs scrapes multiple webpages for known vulnerable Windows Drivers, SHA256 hashes all system drivers, looks for matching driver names and SHA256 hashes.
python windows checker scanner driver windows-10 cybersecurity drivers antivirus vulnerable cyber-security blueteam edr windows-11 cybersecurity-education windowsdriver cybersecurity-tools blueteam-tools vulenrability blueteaming-tools
-
Updated
Jul 31, 2024 - Python
An example of an extremely vulnerable Django application. Clone of the DVWA.
-
Updated
Aug 25, 2020 - Python
Erlik 2 - Vulnerable-Flask-App
flask hacking owasp penetration-testing web-security vulnerabilities vulnerable appsec vulnerable-web-app webpentest vulnerable-api vulnerable-flask-app
-
Updated
Nov 23, 2023 - Python
A collection of containerized security vulnerabilities including privilege escalation CVEs and SUID exploits for hands-on penetration testing practice.
docker security vagrant exploit cybersecurity penetration-testing ctf vulnerable privilege-escalation security-training suid
-
Updated
Jan 14, 2025 - Python
An intentionally vulnerable web application with 4 preexisting vulnerabilities to demonstrate fluency in complex web application security.
-
Updated
Apr 21, 2019 - Python
An intentionally-insecure web application built for educational purposes using agile development practices.
-
Updated
Apr 16, 2019 - Python
A Thick client app for linux, designed to be vulnerable. a.k.a. Linux-Damn-Vulnerable-Thick-Client or Linux-Thick-Client-GOAT
-
Updated
Jan 18, 2025 - Python
Living off the Land. Scan Windows for vulnerable and/or malicious drivers.
-
Updated
Oct 28, 2024 - Python
A playground with an intentionally terribly insecure binary to learn about ROP.
-
Updated
Sep 5, 2021 - Python
An automated tool for discovering vulnerabilities in GraphQL applications through fuzzing techniques, including OS Command Injection and XSS, with a focus on OWASP Top Ten vulnerabilities.
graphql dos nosql xss xss-vulnerability graphql-application vulnerable graphql-api ssrf sqlinjection xxe-injection ssrf-payload ssrf-tool acyber
-
Updated
Oct 5, 2024 - Python
Improve this page
Add a description, image, and links to the vulnerable topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the vulnerable topic, visit your repo's landing page and select "manage topics."