WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-98.84%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (-59.34%)
Awesome Bugbounty WriteupsA curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Stars: ✭ 2,429 (+100.74%)
cf-checkCloudFlare Checker written in Go
Stars: ✭ 147 (-87.85%)
JwtxploiterA tool to test security of json web token
Stars: ✭ 130 (-89.26%)
Project BlackPentest/BugBounty progress control with scanning modules
Stars: ✭ 257 (-78.76%)
RedcloudAutomated Red Team Infrastructure deployement using Docker
Stars: ✭ 551 (-54.46%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-51.82%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (-19.5%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-87.36%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-97.11%)
leaky-pathsA collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
Stars: ✭ 507 (-58.1%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-72.89%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+2619.75%)
HerokuContainerDockerized ASP.NET Core Web API app in Heroku
Stars: ✭ 26 (-97.85%)
LazyreconAn automated approach to performing recon for bug bounty hunting and penetration testing.
Stars: ✭ 282 (-76.69%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-87.6%)
AsnlookupLeverage ASN to look up IP addresses (IPv4 & IPv6) owned by a specific organization for reconnaissance purposes, then run port scanning on it.
Stars: ✭ 163 (-86.53%)
TuktukTool for catching and logging different types of requests.
Stars: ✭ 174 (-85.62%)
ProxenetThe ONLY hacker friendly proxy for webapp pentests.
Stars: ✭ 193 (-84.05%)
tryhackme-ctfTryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Stars: ✭ 140 (-88.43%)
flydnsRelated subdomains finder
Stars: ✭ 29 (-97.6%)
rejigTurn your VPS into an attack box
Stars: ✭ 33 (-97.27%)
tugareconPentest: Subdomains enumeration tool for penetration testers.
Stars: ✭ 142 (-88.26%)
FindsploitFind exploits in local and online databases instantly
Stars: ✭ 1,160 (-4.13%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-96.45%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-98.02%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-97.44%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-74.38%)
project-blackPentest/BugBounty progress control with scanning modules
Stars: ✭ 279 (-76.94%)
DeadDNSDNS hijacking via dead records automation tool
Stars: ✭ 44 (-96.36%)
Pcwt Stars: ✭ 46 (-96.2%)
HowtohuntTutorials and Things to Do while Hunting Vulnerability.
Stars: ✭ 2,996 (+147.6%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+116.28%)
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+61.07%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+8.76%)
spellbookFramework for rapid development and reusable of security tools
Stars: ✭ 67 (-94.46%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-95.37%)
awesome-api-securityA collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Stars: ✭ 2,079 (+71.82%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (-63.8%)
hack-pet🐰 Managing command snippets for hackers/bug bounty hunters. with pet.
Stars: ✭ 77 (-93.64%)
PhirauteeA proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
Stars: ✭ 96 (-92.07%)
modern.jsThe meta-framework suite designed from scratch for frontend-focused modern web development.
Stars: ✭ 2,624 (+116.86%)
uberscanSecurity program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-97.44%)
staticfuzzMemories which vanish
Stars: ✭ 15 (-98.76%)
bpanelA Blockchain Management System, powered by bcoin
Stars: ✭ 52 (-95.7%)
img ai app boilerplateAn image classification app boilerplate to serve your deep learning models asap!
Stars: ✭ 27 (-97.77%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-65.21%)
react-flagkit🇺🇦 React wrapper for FlagKit Flag Icons
Stars: ✭ 21 (-98.26%)