VWGen - Vulnerable Web applications Generator

  •        9

This is the Git repo of the VWGen, which stands for Vulnerable Web applications Generator.--file option makes share web challenges easily. All you need to do is provide a custom script, which defines how vulnerabilities would be made or be triggered, and each one can just load that script to spawn the same vulnerable web applications immediately.

https://github.com/qazbnm456/VWGen

Tags
Implementation
License
Platform

   




Related Projects

dagda - a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

  •    Python

Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities. In order to fulfill its mission, first the known vulnerabilities as CVEs (Common Vulnerabilities and Exposures), BIDs (Bugtraq IDs), RHSAs (Red Hat Security Advisories) and RHBAs (Red Hat Bug Advisories), and the known exploits from Offensive Security database are imported into a MongoDB to facilitate the search of these vulnerabilities and exploits when your analysis are in progress.

clair - Vulnerability Static Analysis for Containers

  •    Go

Note: The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries.Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).

Sn1per - Automated Pentest Recon Scanner

  •    PHP

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.

Anchore Engine - Centralized service for inspection, analysis and certification of container images

  •    Python

The Anchore Engine is an open source project that provides a centralized service for inspection, analysis and certification of container images. The Anchore engine is provided as a Docker container image that can be run standalone or on an orchestration platform such as Kubernetes, Docker Swarm, Rancher or Amazon ECS. The Anchore engine can be accessed directly through a RESTful API or via the Anchore CLI.


NodeGoat - The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node

  •    HTML

Being lightweight, fast, and scalable, Node.js is becoming a widely adopted platform for developing web applications. This project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them. Tutorial Guide explaining how each of the OWASP Top 10 vulnerabilities can manifest in Node.js web apps and how to prevent it.

reg - Docker registry v2 command line client and repo listing generator with security checks.

  •    Go

Docker registry v2 command line client and repo listing generator with security checks. For installation instructions from binaries please visit the Releases Page.

browser-extension - OctoLinker – Available on Chrome, Firefox and Opera

  •    Javascript

First of all, it's a browser extension. Once installed, it allows you to navigate through projects on GitHub.com efficiently.Most projects consist of many files and third party dependencies. Files are referencing other files and / or dependencies by language specific statements like include or require. Dependencies are most likely declared in a file called manifest e.g. package.json or Gemfile. The OctoLinker browser extensions makes these references clickable. No more copy and search.

qark - Tool to look for several security related Android application vulnerabilities

  •    Python

Quick Android Review Kit - This tool is designed to look for several security related Android application vulnerabilities, either in source code or packaged APKs.

bane - Custom & better AppArmor profile generator for Docker containers.

  •    Go

AppArmor profile generator for docker containers. Basically a better AppArmor profile, than creating one by hand, because who would ever do that. For installation instructions from binaries please visit the Releases Page.

docker-gen - Generate files from docker container meta-data

  •    Go

docker-gen is a file generator that renders templates using docker container meta-data.Download the version you need, untar, and install to your PATH.

generator-ngx-rocket - :rocket: Extensible Angular 6+ enterprise-grade project generator

  •    TypeScript

See generated project example here. A complete starter template: example app structure tailored for scalability, with examples and boilerplate code for every common thing needed in enterprise projects, such as unit tests, routing, authentication, HTTPS service extensions, i18n support with dynamic language change and automatic user language detection...

Offline-qr-code - Offline QR Code Generator

  •    Javascript

This is a (Firefox) Web Extension, which makes it possible to generate a QR code from any website. In contrast to many other add-ons, which use Google Web APIs for that, this add-on works completely offline. This QR code generator puts your privacy first! Effectively, the add-on prevents any web connection for itself, so it does never contact the web. Thanks to the linked manifest.json you can also easily verify, that this claim is true. It works offline! Always.

x5s - test encodings and character transformations to find XSS hotspots

  •    

x5s is a Fiddler addon that aims to assist penetration testers in finding cross-site scripting (XSS) vulnerabilities. By auto-injecting special character-probes into all inputs x5s can detect where the emitted character may be ill-encoded or transformed in a vulnerable way.

bane - Custom & better AppArmor profile generator for Docker containers.

  •    Go

AppArmor profile generator for docker containers. Basically a better AppArmor profile, than creating one by hand, because who would ever do that.sample.toml is a AppArmor sample config for nginx in a container.

deepo - A series of Docker images (and their generator) that allows you to quickly set up your deep learning research environment

  •    Python

If you want to share your data and configurations between the host (your machine or VM) and the container in which you are using Deepo, use the -v option, e.g. This will make /host/data from the host visible as /data in the container, and /host/config as /config. Such isolation reduces the chances of your containerized experiments overwriting or using wrong data.

retire.js - scanner detecting the use of JavaScript libraries with known vulnerabilities

  •    Javascript

There is a plethora of JavaScript libraries for use on the Web and in Node.JS apps out there. This greatly simplifies development,but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 list of security risks and insecure libraries can pose a huge risk to your Web app. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities. A Grunt task for running Retire.js as part of your application's build routine, or some other automated workflow.

gaudi - Gaudi allows to share multi-component applications, based on Docker, Go, and YAML.

  •    Go

This project is discontinued. Read about why here. gaudi is a generator of architecture written in Go and using Docker. You can use it to start any type of application, and link them together without knowledge of Docker or system configuration. Using Go, gaudi can build and start your applications in parallel depending on their dependencies.

License Generator for Addon Nice Server 1.0

  •    

This is a small windows tool allowing to generate license files for Addon Nice Server 1.0