CtftoolsPersonal CTF Toolkit
Stars: ✭ 312 (+59.18%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-87.24%)
Project TauroA Router WiFi key recovery/cracking tool with a twist.
Stars: ✭ 52 (-73.47%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+83.16%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-80.61%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+546.94%)
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (-33.16%)
Openftp4A list of all FTP servers in IPv4 that allow anonymous logins.
Stars: ✭ 634 (+223.47%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+117.86%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+543.37%)
Javaidjava source code static code analysis and danger function identify prog
Stars: ✭ 327 (+66.84%)
Cs253.stanford.eduCS 253 Web Security course at Stanford University
Stars: ✭ 155 (-20.92%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-92.86%)
ViewstateASP.NET View State Decoder
Stars: ✭ 77 (-60.71%)
shellsumA defense tool - detect web shells in local directories via md5sum
Stars: ✭ 30 (-84.69%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+1104.59%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-90.31%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-81.12%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+123.47%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-41.84%)
CJ2018-Final-CTFCyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (-70.41%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+206.63%)
Githacker🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (+167.35%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (-43.37%)
LookylooLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Stars: ✭ 381 (+94.39%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+6147.96%)
Ssrf vulnerable labThis Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (+84.18%)
Jwt PwnSecurity Testing Scripts for JWT
Stars: ✭ 170 (-13.27%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+19.9%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-26.53%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-81.63%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+5110.2%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-71.43%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (-3.06%)
Waf A MoleA guided mutation-based fuzzer for ML-based Web Application Firewalls
Stars: ✭ 51 (-73.98%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-83.67%)
C4Open IP cameras in IPv4
Stars: ✭ 123 (-37.24%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+64.8%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-13.78%)
guardrailsguardrails.cs.virginia.edu
Stars: ✭ 18 (-90.82%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (+209.18%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-41.84%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+187.76%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (-7.65%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-17.35%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+595.92%)
TwaA tiny web auditor with strong opinions.
Stars: ✭ 549 (+180.1%)