This repository documents my hands on experience and assignments during the Columbia University Cybersecurity Program. It includes home labs related to network security, penetration testing, and defensive security

OWASP Juice Shop Laboratory

📚 security - web security

CF Tunnel Gate is a secure Reverse Proxy, Web Application Firewall (WAF), and Intrusion Prevention System(WAF), designed for self-hosted projects and backed with Cloudflare Tunnels.

Blind XXE Xtractor is a script created for educational purpose to test Blind XXE vulnerabilities in controlled environments, which has support for local and remote websites with XML requests.

Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The xss finder gets a link from the user and scan the website for XSS vulnerability by injecting malicious scripts at the input place.

acquirer.sh A Automated recon script made by @Albonycal

Bash script to install docker and OWASPs juice-shop vulnerable webapp. Run this and browse to http://localhost:3000

Offensive penetration testing. Perform multiple attack types against web applications, vulnerable programs and OSes in predefined and safe test environment

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

VulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.