879 Open source projects that are alternatives of or similar to gradejs

qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

XSS in pastebin.com and reddit.com via unsanitized markdown output

Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.

vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}

The Correlated CVE Vulnerability And Threat Intelligence Database API

Toolset for detecting reflected xss in websites

Misc. Public Reports of Penetration Testing and Security Audits.

🎯 Command Injection Payload List

NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473

Tutorials and Things to Do while Hunting Vulnerability.

Open Vulnerability Assessment Scanner - Scanner for Greenbone Vulnerability Management (GVM)

Docker Scan is a Command Line Interface to run vulnerability detection on your Dockerfiles and Docker images

A collection of my quick and dirty scripts for vulnerability POC and detections

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Vulners Python API wrapper

Advanced vulnerability scanning with Nmap NSE

Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

Advanced Web Browser Fingerprinting

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SQL Injection Payload List

Penetration tests guide based on OWASP including test cases, resources and examples.

Arissploit Framework is a simple framework designed to master penetration testing tools. Arissploit Framework offers simple structure, basic CLI, and useful features for learning and developing penetration testing tools.

Awesome Writeups and POCs

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

A Penetration Testing Framework, Information gathering tool & Website Vulnerability Scanner

Repository for webpack documentation and more!

📦 PureScript package management with Nix

Use HTML files as entry points in your rollup bundle.

all manner of wordlists

[Abandoned] Integrates SpyTimelineBundle into Sonata

Material design icons by Google for Vue.js & Nuxt.js (server side support & inline svg with path)

GitHub Action to run `npm audit`

You can find hardcoded Api-Key,Secret,Token Etc..

A bundle that allows symfony to get the version of assets versioned with gulp-rev

Package management library.

D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

📦 Provides communication with web-socket server Centrifugo in Symfony applications.

RAS(RAndom Subdomain) Fuzzer

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

Ruby library for interacting with Bugcrowd's VRT

Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple static/dynamic scans

Extraction of iMessage Data via XSS

This Python script can be used to bypass IP source restrictions using HTTP headers.

Unique wordlist generator of unique wordlists.

A collection of some of my scripts

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Nuclei Templates to reproduce Cracking the lens's Research

Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research

Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.

This Symfony2 bundle allows you to place your website in maintenance mode by calling two commands in your console. A page with status code 503 appears to users, it is possible to authorize certain ips addresses stored in your configuration.

"dockerized" Vim

Hot reload client and server webpack bundles for the ultimate development experience

SlackBundle for Symfony2 with Guzzle-Integration

Creating virtual environments for R.

Compact Cache V2 is used by ArcGIS to store raster tiles. The bundle file structure is very simple and optimized for quick access, resulting in improved performance over alternative formats.

[READ-ONLY] Message queue bundle for Symfony. RabbitMQ, Amazon SQS, Redis, Service bus, Async events, RPC over MQ and a lot more