astam-correlatorVulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans
Stars: ✭ 22 (-33.33%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+630.3%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+790.91%)
M3m0M3m0 Tool ⚔️ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 124 (+275.76%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-57.58%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+306.06%)
Icg AutoexploiterbotWordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (+633.33%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+1078.79%)
Rapidscan🆕 The Multi-Tool Web Vulnerability Scanner.
Stars: ✭ 775 (+2248.48%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+2996.97%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+342.42%)
xss-chefA web application for generating custom XSS payloads
Stars: ✭ 70 (+112.12%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+1121.21%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+8815.15%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+18742.42%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+6369.7%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (+27.27%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+8572.73%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (+260.61%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (+324.24%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+572.73%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (+248.48%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (+245.45%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (+548.48%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (+212.12%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+4033.33%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+7830.3%)
lavaMicrosoft Azure Exploitation Framework
Stars: ✭ 46 (+39.39%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (+187.88%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (+290.91%)
Veneno Stars: ✭ 230 (+596.97%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (+242.42%)
xecaPowerShell payload generator
Stars: ✭ 103 (+212.12%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (+248.48%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (+551.52%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (+218.18%)
Intel-OneCommand line tool for passive reconnaissance, able to gather and link public information to a target domain, company or individual. It can make intelligence gathering faster and more effective by drastically reducing manual user interaction. This is achieved through the engineering of a highly customisable single input to multiple output solutio…
Stars: ✭ 23 (-30.3%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+4103.03%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+542.42%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (+478.79%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+29663.64%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (+163.64%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (+57.58%)
Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (+475.76%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (+112.12%)
Pythempentest framework
Stars: ✭ 1,060 (+3112.12%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (+451.52%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (+45.45%)
Awesome-CyberSec-ResourcesAn awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, ...)
Stars: ✭ 273 (+727.27%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+421.21%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+2851.52%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (+12.12%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (+406.06%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+2854.55%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+2587.88%)