JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports majority of (most popular) web application vulnerabilities together with appropriate attacks. Quick start: Run the following command: $ python3 dsvw.py Damn Small Vulnerable Web (DSVW) < 100 LoC (Lines of Code) #v0.2a by: Miroslav Stampar (@stamparm) [i] running HTTP server at 'http://127.0.0.1:65412'... and navigate your browser to http://127.0.0.1:65412/: Requirements: Python (3.x) is required for running this program. Items XML External Entity (local), XML External Entity (remote) and Blind XPath Injection (boolean) require installation of python-lxml (e.g. apt-get install python-lxml). Otherwise, those will be disabled. To install lxml via pip, run the following command: pip install -r requirements.txt
JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.
A CSP plugin for hapi with per-route configuration options.
WackoPicko is a vulnerable website with known vulnerabilities, now available as a Docker image and included in the OWASP Broken Web Applications Project.
FingerprintJS is a client-side browser fingerprinting library that provides a unique visitor identifier unaffected by incognito mode.
Argus-SAF is a static analysis framework for security vetting Android applications.
Detect trojan source attacks that employ unicode bidi attacks to inject malicious code.