Watchdog: A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-47.57%)
Resources: A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-90.58%)
Blackwidow: A Python-based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+34.8%)
Payloadsallthethings: A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+4901.37%)
Pentesting: Misc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-96.35%)
Ssti Payloads: 🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-77.2%)
Pentest Guide: Penetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+100%)
Herpaderping: Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
Stars: ✭ 614 (-6.69%)
Serenity: SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.
Stars: ✭ 16,842 (+2459.57%)
Unix V6: UNIX 6th Edition Kernel Source Code
Stars: ✭ 125 (-81%)
Corsme: Cross Origin Resource Sharing MisConfiguration Scanner
Stars: ✭ 118 (-82.07%)
Hiboot: hiboot is a high performance web and CLI application framework with dependency injection support
Stars: ✭ 150 (-77.2%)
Vulnogram: Vulnogram is a tool for creating and editing CVE information in CVE JSON format
Stars: ✭ 103 (-84.35%)
tupai: Tupai is a multi-tasking operating system I wrote for my degree that focuses on safety and design, targeting a variety of platforms.
Stars: ✭ 21 (-96.81%)
exploits: Some of my public exploits
Stars: ✭ 50 (-92.4%)
PayloadsAll: A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-95.29%)
gradejs: GradeJS analyzes production Webpack bundles without having access to the source code of a website. Instantly see vulnerabilities, outdated packages, and more just by entering a web application URL.
Stars: ✭ 362 (-44.98%)
nerdbug: Full Nuclei automation script with logic explanation.
Stars: ✭ 153 (-76.75%)
duckOS: Yet another hobby x86 UNIX-like operating system written in C and C++. Features a dynamically linked userspace, an in-house C standard library, and more! And yes, it runs DOOM.
Stars: ✭ 250 (-62.01%)
kernel: Main kernel tree
Stars: ✭ 28 (-95.74%)
PastebinMarkdownXSS: XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-87.23%)
Lynis: Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Stars: ✭ 9,137 (+1288.6%)
Frosted: Free POSIX OS for tiny embedded devices
Stars: ✭ 194 (-70.52%)
Illumos Gate: An open-source Unix operating system
Stars: ✭ 952 (+44.68%)
Domainker: BugBounty Tool
Stars: ✭ 40 (-93.92%)
Security Tools: Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-22.64%)
Cbox: Convert any Python function to a Unix-style command
Stars: ✭ 154 (-76.6%)
Unikraft: Unikraft is an automated system for building specialized POSIX-compliant OSes known as unikernels. (Core repository)
Stars: ✭ 183 (-72.19%)
safelog4j: Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
Stars: ✭ 38 (-94.22%)
weblogic honeypot: WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.
Stars: ✭ 30 (-95.44%)
Onyx: UNIX-like operating system written in C and C++
Stars: ✭ 52 (-92.1%)
AiliceOS: Build an x86_64 and UEFI OS using Rust
Stars: ✭ 59 (-91.03%)
Bucket-Flaws: Bucket Flaws (S3 Bucket Mass Scanner): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-93.47%)
Coherent: Coherent OS
Stars: ✭ 20 (-96.96%)
webapp-wordlists: This repository contains wordlists for each version of common web applications and content management systems (CMS). Each version contains a wordlist of all the files and directories for this version.
Stars: ✭ 306 (-53.5%)
Howtohunt: Tutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+355.32%)
Payloads: Payload Arsenal for Penetration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-36.02%)
findlargedir: find all "blackhole" directories with a huge amount of filesystem entries in a flat structure
Stars: ✭ 15 (-97.72%)
mapos: Service Order Control System
Stars: ✭ 24 (-96.35%)
JWTweak: Detects the algorithm of input JWT Token and provides options to generate the new JWT token based on the user-selected algorithm.
Stars: ✭ 85 (-87.08%)
SQL-XSS: A few SQL and XSS attack tools
Stars: ✭ 29 (-95.59%)
Application Security Engineer Interview Questions: Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-59.42%)
Gowapt: Go Web Application Penetration Test
Stars: ✭ 300 (-54.41%)
Subzy: Subdomain takeover vulnerability checker
Stars: ✭ 287 (-56.38%)
Taipan: Web application vulnerability scanner
Stars: ✭ 359 (-45.44%)
Aquila: AquilaOS: UNIX-like Operating System
Stars: ✭ 413 (-37.23%)
Xvwa: XVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.
Stars: ✭ 1,540 (+134.04%)