PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+139.34%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-47.54%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-52.46%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-77.05%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+537.7%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+4722.95%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+19975.41%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+4190.16%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-37.7%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (+42.62%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+1163.93%)
ProtectProactively protect your Node.js web services
Stars: ✭ 394 (+545.9%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+159.02%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (+173.77%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+3006.56%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-14.75%)
sqlscanQuick SQL Scanner, Dorker, Webshell injector PHP
Stars: ✭ 140 (+129.51%)
XsshellAn XSS reverse shell framework
Stars: ✭ 251 (+311.48%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+3400%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (+111.48%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+295.08%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (+85.25%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (+88.52%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (+72.13%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+381.97%)
Veneno Stars: ✭ 230 (+277.05%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (+72.13%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+181.97%)
hasherbasherSQL injection via bruteforced MD5 hash reflection of random strings
Stars: ✭ 40 (-34.43%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+3127.87%)
flask-vue-project-seedSPA quick start using Python Flask and Vue.js. Containerized with Docker.
Stars: ✭ 27 (-55.74%)
Flight-Booking-System-JavaServlets App✈️ An enterprise level Flight Booking System for Turkish Airlines (web-application) based on the Model View Controller (MVC) Architecture made using Java Servlets, Java Server Pages (JSPs). Moreover authentication and authorization for users is implemented. The web-application is also secured against SQL Injection and Cross-Site Scripting attacks.
Stars: ✭ 107 (+75.41%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+119.67%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (+95.08%)
flask-vulnPretty vulnerable flask app..
Stars: ✭ 23 (-62.3%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (+88.52%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+4591.8%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (+86.89%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-63.93%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+263.93%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (+68.85%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+2173.77%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+2136.07%)
laravel-xss-filterFilter user input for XSS but don't touch other html
Stars: ✭ 38 (-37.7%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (+252.46%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (+55.74%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (+250.82%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+16001.64%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+247.54%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (+14.75%)
Pythempentest framework
Stars: ✭ 1,060 (+1637.7%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-21.31%)