Curso de OWASP Top 10: de Injections a monitoramento.

Django website with intentional security flaws and their fixes to demonstrate vulnerabilities commonly found in web applications. Flaws include SQL injection, broken access control, SSRF, security misconfiguration, and CSRF.

Web Application Penetration Tester (WAPT) Notes

WARNING: This is a vulnerable application to test the exploit for the Jetpack < 13.9.1 broken access control (CVE-2024-9926). Run it at your own risk!

Project in Django Python on theme Security vulnerabilites - Sensitive data exposure, Broken Access Control.

Bachelor’s Work - WEB programming

Fixing an Insecure Blog Application.

Bachelor’s Work - WEB programming

This repository contains OWASP Top 10 CTF challenges designed to test your skills in web application security. Each category includes both "easy" and "hard" challenges.

CVE-2023-22515

CVE-2023-22515: Confluence Broken Access Control Exploit

🧿 AutorizePro是一款强大越权检测 Burp 插件，通过增加 AI 辅助分析 && 进一步优化检测逻辑，大幅降低误报率，提升越权漏洞检出效率。 [ AutorizePro is a authorization enforcement detection extension for burp suite. By adding Ai-assisted analysis, it significantly reduces the false positive rate and improves the efficiency of vulnerability detection.

SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.