Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-92.54%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+106.05%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (-63.31%)
wasecExamples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
Stars: ✭ 74 (-85.08%)
BlastulaEasily send great-looking HTML email messages from R
Stars: ✭ 394 (-20.56%)
Skullspre-built coreboot images and documentation on how to flash them for the Thinkpad X230
Stars: ✭ 318 (-35.89%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (-39.52%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (-16.53%)
XsserFrom XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Stars: ✭ 381 (-23.19%)
Vuejs Serverside Template XssDemo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-43.95%)
Ant实时上线的 XSS 盲打平台
Stars: ✭ 340 (-31.45%)
Anti Xss㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
Stars: ✭ 403 (-18.75%)
JsshellAn interactive multi-user web JS shell
Stars: ✭ 330 (-33.47%)
Owasp Xenotix Xss Exploit FrameworkOWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Stars: ✭ 424 (-14.52%)
Easy.commonA set of useful utilities and helpers used across Easy.* projects.
Stars: ✭ 306 (-38.31%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-21.57%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-41.73%)
Sakurairo一个多彩,轻松上手,体验完善,具有强大自定义功能的WordPress主题(基于Sakura主题)A Colorful, Easy-to-use, Perfect Experience, and Powerful Customizable WordPress Theme (Based on Theme Sakura)
Stars: ✭ 456 (-8.06%)
NoscriptThe popular NoScript Security Suite browser extension.
Stars: ✭ 366 (-26.21%)
Secure headersManages application of security headers with many safe defaults
Stars: ✭ 2,942 (+493.15%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-46.17%)
Commodity Injection SignaturesCommodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-46.17%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-27.42%)
ImGuiBuildero/ ImGui Builder is a graphical framework for assembling imgui codes in your interface easily
Stars: ✭ 279 (-43.75%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-30.85%)
AwesomexssAwesome XSS stuff
Stars: ✭ 3,664 (+638.71%)
Webappsec Trusted TypesA browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Stars: ✭ 424 (-14.52%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-33.27%)
ProtectProactively protect your Node.js web services
Stars: ✭ 394 (-20.56%)
FirestrThe Grass Computing Platform
Stars: ✭ 329 (-33.67%)
Hopachttp://hopac.github.io/Hopac/Hopac.html
Stars: ✭ 461 (-7.06%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-37.5%)
Laravel CspSet content security policy headers in a Laravel app
Stars: ✭ 388 (-21.77%)
Aqemu Official AQEMU repository - a GUI for virtual machines using QEMU as the backend
Stars: ✭ 301 (-39.31%)
AirshipSecure Content Management for the Modern Web - "The sky is only the beginning"
Stars: ✭ 422 (-14.92%)
LitiengineLITIENGINE 🕹 The pure 2D java game engine.
Stars: ✭ 384 (-22.58%)
Simple Php RouterSimple, fast and yet powerful PHP router that is easy to get integrated and in any project. Heavily inspired by the way Laravel handles routing, with both simplicity and expand-ability in mind.
Stars: ✭ 279 (-43.75%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-6.45%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+677.82%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+493.15%)
YaspinA lightweight terminal spinner for Python with safe pipes and redirects 🎁
Stars: ✭ 413 (-16.73%)
Django Admin EasyCollection of admin fields and decorators to help to create computed or custom fields more friendly and easy way
Stars: ✭ 265 (-46.57%)
SecureheadersA PHP library aiming to make the use of browser security features more accessible.
Stars: ✭ 364 (-26.61%)
Carrot🥕 Evolutionary Neural Networks in JavaScript
Stars: ✭ 261 (-47.38%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (-28.02%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-94.15%)
NetworkAgentThis package is meant to make http request of an easy way inspiren in the architecture of Moya package. This package is 100% free of dependencies and works with Combine api + Codable
Stars: ✭ 16 (-96.77%)
StriptagsAn implementation of PHP's strip_tags in Typescript.
Stars: ✭ 409 (-17.54%)
Lamp Cloudlamp-cloud 基于Jdk11 + SpringCloud + SpringBoot的微服务快速开发平台,其中的可配置的SaaS功能尤其闪耀, 具备RBAC功能、网关统一鉴权、Xss防跨站攻击、自动代码生成、多种存储系统、分布式事务、分布式定时任务等多个模块,支持多业务系统并行开发, 支持多服务并行开发,可以作为后端服务的开发脚手架。代码简洁,注释齐全,架构清晰,非常适合学习和企业作为基础框架使用。
Stars: ✭ 4,125 (+731.65%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-94.76%)
CSpydrA static typed low-level compiled programming language inspired by Rust and C
Stars: ✭ 17 (-96.57%)
GrameworkFast and Reliable Golang Web Framework
Stars: ✭ 354 (-28.63%)
PointblankData validation and organization of metadata for data frames and database tables
Stars: ✭ 480 (-3.23%)