awesome-vulnerable-apps
PayloadsAllTheThings
awesome-vulnerable-apps | PayloadsAllTheThings | |
---|---|---|
7 | 34 | |
846 | 56,965 | |
- | - | |
4.5 | 8.5 | |
16 days ago | 4 days ago | |
Python | ||
Creative Commons Zero v1.0 Universal | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-vulnerable-apps
- The next step
- Where to practice OWASP mobile top 10 vulnerabilities?
  As well as a whole list of vulnerable applications for different fields, including mobile of course: https://github.com/vavkamil/awesome-vulnerable-apps
- Juice shop
  OWASP Juice Shop is awesome, you can find more apps for practice here https://github.com/vavkamil/awesome-vulnerable-apps/
- Vulhub: Pre-Built Vulnerable Environments Based on Docker-Compose
  https://github.com/vavkamil/awesome-vulnerable-apps#owasp-to... :
  > OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
  And there's a book, an Open Source Official Companion Guide book titled "Pwning Juice Shop":
- How to practice hacking topics
- Need some resources
- Does doing CTF help?
  It depends on how the CTF is designed. I would suggest to rather try the "vulnerable by design" exercises which I'm collecting here https://github.com/vavkamil/awesome-vulnerable-apps
PayloadsAllTheThings
- php shell not executed in wordpress
  Also https://github.com/swisskyrepo/PayloadsAllTheThings I'm sure there's a few test php files in here for filter bypasses too
- XXE-XML External Entities Attacks
  An alternative display version is available at PayloadsAllTheThingsWeb.
- Becoming a security researcher. Help with a realistic timeline?
  - https://github.com/swisskyrepo/PayloadsAllTheThings
  - https://book.hacktricks.xyz/welcome/readme
- Want to hack school laptop? Any tips or applications that I can download?
  If it's windows - oofta-may. Start here: https://github.com/swisskyrepo/PayloadsAllTheThings
- Where do I start on this journey?
- How important is webtesting in the exam?
  It is a method for initial access so it is possible that it could appear in one of the exam machines. Payload all the things has a lot of useful resources for SQL injection https://swisskyrepo.github.io/PayloadsAllTheThings/
- GitHub (or any website) page with good scripts for social media tools
- How to get started in computer security
- It's official: BlackLotus malware can bypass secure boot
  > If you run as a user who doesn't have admin access you should be protected,
  That's not very reassuring. Privilege escalation on Windows is a well studied subject:
  https://github.com/swisskyrepo/PayloadsAllTheThings/blob/mas...
- you think that hack the box is the best way to start a career in CyberSecurity speaking about hacking?
  Payloadallthethings github
What are some alternatives?
bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
sql-injection-payload-list - 🎯 SQL Injection Payload List
juice-shop - OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
nuclei-templates - Community curated list of templates for the nuclei engine to find security vulnerabilities.
awesome-ethical-hacking-resources - 😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
CVE-2021-44228-PoC-log4j-bypass-words - 🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - WAF bypass tricks
awesome-bugbounty-tools - A curated list of various bug bounty tools
OWASP-Testing-Checklist - OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
Interlace - Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.
IPRotate_Burp_Extension - Extension for Burp Suite which uses AWS API Gateway to rotate your IP on every request.
Android-InsecureBankv2 - Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
web-pentesting-checklist - checklist for testing the web applications