guardrailsguardrails.cs.virginia.edu
Stars: ✭ 18 (-80.22%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+118.68%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+254.95%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+78.02%)
Ssrf vulnerable labThis Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (+296.7%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+21.98%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (+565.93%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (+98.9%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-60.44%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-64.84%)
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (+43.96%)
LookylooLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Stars: ✭ 381 (+318.68%)
Scant3rScanT3r - Web Security Scanner
Stars: ✭ 248 (+172.53%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+11121.98%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+158.24%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+2494.51%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+519.78%)
Cs253.stanford.eduCS 253 Web Security course at Stanford University
Stars: ✭ 155 (+70.33%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-38.46%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-79.12%)
C4Open IP cameras in IPv4
Stars: ✭ 123 (+35.16%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+369.23%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-59.34%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+381.32%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+294.51%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-58.24%)
ViewstateASP.NET View State Decoder
Stars: ✭ 77 (-15.38%)
CJ2018-Final-CTFCyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (-36.26%)
Javaidjava source code static code analysis and danger function identify prog
Stars: ✭ 327 (+259.34%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+1285.71%)
Openftp4A list of all FTP servers in IPv4 that allow anonymous logins.
Stars: ✭ 634 (+596.7%)
Log KillerClear all your logs in [linux/windows] servers 🛡️
Stars: ✭ 252 (+176.92%)
CtftoolsPersonal CTF Toolkit
Stars: ✭ 312 (+242.86%)
Veneno Stars: ✭ 230 (+152.75%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+1293.41%)
Awesome OcapAwesome Object Capabilities and Capability Security
Stars: ✭ 196 (+115.38%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-84.62%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (+108.79%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+560.44%)
Jwt PwnSecurity Testing Scripts for JWT
Stars: ✭ 170 (+86.81%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+85.71%)
Project TauroA Router WiFi key recovery/cracking tool with a twist.
Stars: ✭ 52 (-42.86%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+13357.14%)
shellsumA defense tool - detect web shells in local directories via md5sum
Stars: ✭ 30 (-67.03%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (+58.24%)
TwaA tiny web auditor with strong opinions.
Stars: ✭ 549 (+503.3%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-72.53%)
Waf A MoleA guided mutation-based fuzzer for ML-based Web Application Firewalls
Stars: ✭ 51 (-43.96%)
Githacker🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (+475.82%)