623 matches found
dvwa-web-attack-lab
Web Application Penetration Testing Lab Platform: Kali Li...
VulnBoard
VulnBoard “If you don’t know about attacks, you can’t defend...
OWASP_Top10_Web_Pentest
🔓 Week 04 — Web Application Penetration Testing OWASP Top 10...
OWASP_Top10_Web_Pentest
🔓 Week 04 — Web Application Penetration Testing OWASP Top 10...
Exploit for Server-Side Request Forgery in Apeworx Web3.Py
CVE-2026-40072 SSRF Lab Hands-on local lab to demonstrate CVE...
portswigger-labs
PortSwigger Web Security Academy — Lab Notes Notes from compl...
Hunting-Bugs
2026 Practical Bug Bounty Guide Built on real-world experie...
dvwa_xss_lab
DVWA XSS Lab Project Introduction This project creates a...
MAL-2026-3749 Malicious code in @webapp-next/store (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbad3803cdda40845fe2aa64e0963b9293f9ee523b3f9205a354da2ae1e317bf package.json declares "preinstall": "node index.js", which runs automatically on npm install. index.js collects os.hostname, os.platform, os.arch,...
PortSwigger Web Security: Burp Suite Professional: browser-powered crawl can write attacker-controlled files through file input handling
A vulnerability was discovered in Burp Suite Professional 2026.3.3 on Windows. When Burp Scanner's browser-powered crawler crawled an attacker-controlled website, the website could force Burp to write an attacker-controlled file to an attacker-controlled local path. The issue was caused by Burp's...
portswigger-sqlinjection-labs
🔐 SQL Injection Attack Lab – PortSwigger Web Security Academy...
PortSwigger Web Security: Out of scope: Improper Input Validation Order on /api-internal/login via password field leads to unnecessary resource consumption
A security issue was discovered in the /api-internal/login authentication endpoint of the internal login interface of Burp Suite DAST Enterprise. The issue was caused by improper input validation order, where the application processed user-supplied input before enforcing field-level validation...
Rxss-Scan
Rxss-Scan is a lightwe...
Rockwell Automation ArmorStart LT Denial of Service Vulnerability (CNVD-2026-10854)
Rockwell Automation ArmorStart LT is a distributed motor controller from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation ArmorStart LT, which originates from a device losing ICMP connectivity while performing a Burp Suite active scan, and can be exploited ...
BurpSuitePro
Burp Suite Bambda Scripts - Vulnerability Testing Toolkit v2.0...
POC-Generator-Burp_Suite_Extension
🎯 POC Generator - Burp Suite Extension From vulnerability...
Burp Extension Persistence
This module adds a java based malicious extension to the Burp Suite configuration file. When burp is opened, the extension will be loaded and the payload will be executed. Tested against Burp Suite Community Edition v2024.9.4, on Ubuntu Desktop 24.04. Tested against Burp Suite Community Edition...
CVE-2025-9278
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...
CVE-2025-9278
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...
CVE-2025-9278
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...