security-checklist / Php Security Check List
Licence: mit
PHP Security Check List [ EN ] 🌋 ☣️
Stars: ✭ 262
Labels
Projects that are alternatives of or similar to Php Security Check List
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-76.34%)
Mutual labels: security-audit, security-testing, bugbounty
Taipan
Web application vulnerability scanner
Stars: ✭ 359 (+37.02%)
Mutual labels: web-application, security-audit, security-testing
Start Fastapi
a lightweight web framework based on fastapi
Stars: ✭ 48 (-81.68%)
Mutual labels: web-application, web-application-framework
Awesome Django
Repository mirror of GitLab: https://gitlab.com/rosarior/awesome-django This repository is not monitored for issues, use original at GitLab.
Stars: ✭ 8,527 (+3154.58%)
Mutual labels: web-application, web-application-framework
Appweb
Appweb Community Edition Embedded Web Server
Stars: ✭ 196 (-25.19%)
Mutual labels: web-application, web-application-framework
Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+1022.9%)
Mutual labels: web-application, security-audit
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+12460.69%)
Mutual labels: web-application, bugbounty
Revel
A high productivity, full-stack web framework for the Go language.
Stars: ✭ 12,463 (+4656.87%)
Mutual labels: web-application, web-application-framework
Ssti Payloads
🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-42.75%)
Mutual labels: security-audit, bugbounty
LogESP
Open Source SIEM (Security Information and Event Management system).
Stars: ✭ 162 (-38.17%)
Mutual labels: security-audit, web-application
Chat-Bot-Security-Checklist
Chat Bot Security Checklist
Stars: ✭ 20 (-92.37%)
Mutual labels: checklist, security-audit
humble
A humble, and fast, security-oriented HTTP headers analyzer
Stars: ✭ 17 (-93.51%)
Mutual labels: checklist, security-audit
Rails Security Checklist
🔑 Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Stars: ✭ 1,265 (+382.82%)
Mutual labels: checklist, security-audit
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-30.53%)
Mutual labels: security-audit, bugbounty
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-38.17%)
Mutual labels: security-audit, bugbounty
Web Methodology
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (-45.8%)
Mutual labels: web-application, security-testing
Pentesting
Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-90.84%)
Mutual labels: security-audit, bugbounty
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+635.88%)
Mutual labels: security-audit, bugbounty
Libdiffuzz
Custom memory allocator that helps discover reads from uninitialized memory
Stars: ✭ 147 (-43.89%)
Mutual labels: security-audit, security-testing
Webperl
Run Perl in the browser with WebPerl!
Stars: ✭ 221 (-15.65%)
Mutual labels: web-application, web-application-framework
PHP Security Check List [ EN ]
PHP: Hypertext Preprocessor is a web-based, server-side, multi-use, general-purpose, scripting and programming language that can be embedded in HTML. The PHP development, which was first created by Rasmus Lerdorf in 1995, is now being run by the PHP community.
The PHP programming language is still used by a large developer. It is the most known backend programming language. In PHP web applications, I prepared a list called "php security check list" which security researchers should know.
- Full Path Disclosure
- Arbitrary File Upload
- Arbitrary File Delete
- Arbitrary File Download
- Local File Inclusion
- Remote File Inclusion
- Cookie Injection
- Session hijacking
- Header Injection
- SQL Injection
- XML Injection
- XXE Injection
- Email Injection
- HTML Injection
- xPath Injection
- Code Injection
- Command Injection
- Object Injection
- Cross Site Scripting
- Cross Site Request Forgery
- Broken Authentication and Session Management
- Session Hijacking Attack
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].