whatisgithub

What is wooyun-legacy-english?

nathan-gage/wooyun-legacy-english — explained in plain English

Analysis updated 2026-05-18

0Audience · developerComplexity · 2/5LicenseSetup · easy

In one sentence

A Claude Code plugin that backs AI security testing advice with 22,000+ real vulnerability cases from WooYun.

Mindmap

mindmap
  root((repo))
    What it does
      Enriches security reports
      Cites real cases
      Adds severity stats
    Tech stack
      Claude Code plugin
      WooYun case data
    Use cases
      Security testing reports
      Stakeholder persuasion
      Code review context
    Audience
      Security testers
      Developers
    Install modes
      Lite 432 KB
      Full 71 MB
    License
      CC BY-NC-SA 4.0
      Non-commercial only

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Back up penetration testing reports with real-world vulnerability case data.

USE CASE 2

Reference historical payment or authentication exploit statistics during a security review.

USE CASE 3

Use the Lite install for quick access to top case summaries and methodology.

What is it built with?

Claude Code plugin

How does it compare?

nathan-gage/wooyun-legacy-english0verflowme/alarm-clock0xhassaan/nn-from-scratch
Stars00
LanguageCSSPython
Last pushed2022-10-03
MaintenanceDormant
Setup difficultyeasyeasymoderate
Complexity2/52/54/5
Audiencedevelopervibe coderdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · easy Time to first run · 5min

Licensed CC BY-NC-SA 4.0, non-commercial use only.

So what is it?

WooYun Legacy is a Claude Code plugin that enriches AI-generated security testing reports with real-world vulnerability case data, rather than only offering generic advice. It is built on 22,132 business logic vulnerability cases collected by the WooYun platform between 2010 and 2016, covering payment systems, authorization, authentication, and general business logic flaws found in real applications. When you ask Claude to help with security testing, the plugin activates and transforms generic advice into data-backed recommendations citing actual incidents and severity statistics from that historical dataset. For example, instead of a general warning about payment bypass, Claude might reference that WooYun recorded 1,056 such cases with 68.7% rated high severity, and describe a real-world exploit similar to the one being discussed. The plugin explicitly does not teach new testing techniques on its own. Instead, it adds supporting data to make Claude's existing security testing capabilities more persuasive and concrete when reporting findings to stakeholders. There are two installation modes to choose from. A Lite install, around 432 KB, includes methodology files, technical manuals, and condensed case indexes covering the top 15 cases per category plus overall statistics. A Full install, around 71 MB, adds all 22,132 cases in full, along with industry pentest examples for telecom and banking, plus evaluation benchmarks. For most users the Lite install is described as covering all the core capabilities. The plugin activates automatically whenever Claude detects security-related intent in a conversation, whether that is an explicit request for penetration testing or a more implicit one, such as asking to test an endpoint or check a feature for issues. This repository is an English translation of the original WooYun Legacy project, prepared with the help of GPT-5.5. It is licensed under CC BY-NC-SA 4.0, and is intended for authorized security testing, code review, and internal risk assessment only, not for unauthorized use against systems you do not own or have permission to test.

Copy-paste prompts

Prompt 1
Use the WooYun Legacy plugin to add real case data to a report on payment bypass vulnerabilities.
Prompt 2
Explain the difference between the Lite and Full install of wooyun-legacy-english.
Prompt 3
Help me set up wooyun-legacy-english as a Claude Code plugin for authorized security testing.

Frequently asked questions

What is wooyun-legacy-english?

A Claude Code plugin that backs AI security testing advice with 22,000+ real vulnerability cases from WooYun.

How hard is wooyun-legacy-english to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is wooyun-legacy-english for?

Mainly developer.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.