
ecriminal / Phpvuln

Audit tool to find common vulnerabilities in PHP source code


Projects that are alternatives of or similar to Phpvuln

Arachni
Web Application Security Scanner Framework
Stars: ✭ 2,942 (+1915.07%)
Mutual labels:  hacking, penetration-testing, xss, audit, sql-injection
Hacker101
Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+8287.67%)
Mutual labels:  hacking, xss, sql-injection, vulnerability
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+480.14%)
Mutual labels:  hacking, vulnerability, xss, sqli
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+507.53%)
Mutual labels:  vulnerability, xss, owasp, sqli
Cazador unr
Hacking tools
Stars: ✭ 95 (-34.93%)
Mutual labels:  hacking, xss, owasp, sqli
vulnerabilities
List of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-90.41%)
Mutual labels:  xss, penetration-testing, sql-injection
Whatweb
Next generation web scanner
Stars: ✭ 3,503 (+2299.32%)
Mutual labels:  hacking, penetration-testing, owasp
Cerberus
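A powerful vulnerability scanner. Subdomain brute-forcing uses aioDNS, with asyncio for fast asynchronous scanning. It covers the target's full range of assets for batch vulnerability scanning, collects middleware information, and automatically collects IP proxies; when probing WAF information it automatically uses them to protect the local machine's real IP, and after the local IP is blocked by a WAF it automatically switches to a proxy IP to continue scanning. WAF information collection (100+ WAFs, domestic and international) includes SafeDog, Yunsuo, Alibaba Cloud, Yundun, Tencent Cloud, etc., and some known WAF bypass schemes are provided. Middleware vulnerability detection (Thinkphp, weblogic, etc.; CVE-2018-5955, CVE-2018-12613, CVE-2018-11759, etc.). Supports scanning for SQL injection, XSS, command execution, file inclusion, and SSRF vulnerabilities, and supports custom vulnerability email push notifications.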
Stars: ✭ 389 (+166.44%)
Mutual labels:  penetration-testing, xss, sql-injection
Awesome Hacking Resources
A collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+7753.42%)
Mutual labels:  hacking, penetration-testing, owasp
Nmap
Idiomatic nmap library for go developers
Stars: ✭ 391 (+167.81%)
Mutual labels:  hacking, penetration-testing, audit
Awesome Ethical Hacking Resources
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
Stars: ✭ 933 (+539.04%)
Mutual labels:  hacking, penetration-testing, owasp
Payloads
Git All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1860.27%)
Mutual labels:  hacking, xss, sqli
Nosqlmap
Automated NoSQL database enumeration and web application exploitation tool.
Stars: ✭ 1,928 (+1220.55%)
Mutual labels:  hacking, penetration-testing, sql-injection
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+567.12%)
Mutual labels:  hacking, xss, sqli
A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+161.64%)
Mutual labels:  hacking, penetration-testing, vulnerability
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+36.3%)
Mutual labels:  hacking, penetration-testing, owasp
Payloadsallthethings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+22440.41%)
Mutual labels:  hacking, penetration-testing, vulnerability
Ary
Ary is an integration tool, mainly used to invoke various security tools to form a convenient one-click penetration testing workflow.
Stars: ✭ 241 (+65.07%)
Mutual labels:  penetration-testing, vulnerability, xss
In Spectre Meltdown
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Stars: ✭ 86 (-41.1%)
Mutual labels:  hacking, penetration-testing, vulnerability
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+7058.22%)
Mutual labels:  hacking, penetration-testing, vulnerability

phpvuln


phpvuln is an open source OWASP penetration testing tool written in Python 3 that can speed up the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection.


Installation

You can download phpvuln by cloning the Git repository:

git clone https://github.com/ecriminal/phpvuln.git

Install the required PIP packages:

python -m pip install -r requirements.txt

Usage

To get the list of all options use:

python phpvuln.py -h

Contributors

checksum

I'm currently looking for contributors to help improve phpvuln. Contact me on Discord, if you're interested :-)
