PHP Deserialization-vulnerability Resources

A simple library for JSON to PHP Objects conversions Often times, we interact with an API, or data source that returns JSON. PHP only offers the possi

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Fix Major Security Vulnerability on PrestaShop Websites 🚀 CVE-2022-31101 detector and fixer! A newly found exploit could allow remote attackers to ta

WebVulScan is a web application vulnerability scanner. It is a web application itself written in PHP and can be used to test remote, or local, web applications for security vulnerabilities.

File Upload Vulnerability Scenarios (Challenges) This repository is a dockerized PHP application containing some file upload vulnerability challenges

A platform for CMS version detection, exploit suggestion and CVE display based on vulnerability

A laboratory for learning secure web and mobile development in a practical manner. Build your lab By provisioning local environments via docker-compos

All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

BadMod auto exploit tool Version 2.0 Fixed colors bug Fixed permissions bug Added new option to scan single target Added new option to scan joomla & w

WPHunter Tool ☣ WPHunter A Wordpress Vulnerability Scanner You can use this tool on your wordpress website to check the security of your website by fi

Magento Vulnerability Database List of Magento 1 and 2 integrations with known security issues. Objective: easily identify insecure 3rd party software

「 🌎 」About Web Exploration Laboratory The Web Exploration Laboratory (WEL) is a project created for people just entering the information security bus

A laboratory for learning secure web and mobile development in a practical manner. Build your lab By provisioning local environments via docker-compos

Enlightn Security Checker The Enlightn Security Checker is a command line tool that checks if your application uses dependencies with known security v

PHP malware detector Smart PHP vulnerability detector Web mode: Console mode: Using PHP malware detector Requirements PHP 5.4+ Install php-malware-det

Roave Security Advisories This package ensures that your application doesn't have installed dependencies with known security vulnerabilities. Installa

progpilot A static analyzer for security purposes Only PHP language is currently supported Installation Option 1: use standalone phar Download the lat

OpenVDP Open Source Vulnerability Disclosure Program Created by Akshat Parikh What is this web application? OpenVDP is a full stack web application th

k61v1injector Arbitrary application installer for Qin F21 Pro Exploit the vulnerability to install arbitrary applications in k61v1 without ROOT. Feel

Todo Laravel Fingerprint Laravel Leak .env Laravel Debug Mode Laravel CVE-2018-15133 Laravel Ignition CVE-2021-3129 Insecure Deserialization with APP_

sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of

JsonMapper - map nested JSON structures onto PHP classes Takes data retrieved from a JSON web service and converts them into nested object and arrays