juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+20.14%)
Juice Shop CtfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Stars: ✭ 238 (-96.2%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (-44.13%)
juice-shop-ctfCapture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Stars: ✭ 287 (-95.42%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (-89.25%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (-38.23%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-99.11%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+45.39%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-98.64%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+207.85%)
Rustscan🤖 The Modern Port Scanner 🤖
Stars: ✭ 5,218 (-16.78%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+15.57%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-91.88%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-98.2%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (-79.78%)
PidrilaPython Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
Stars: ✭ 125 (-98.01%)
GetjsA tool to fastly get all javascript sources/files
Stars: ✭ 190 (-96.97%)
Name That Hash🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 3000+ other hashes ☄ Comes with a neat web app 🔥
Stars: ✭ 540 (-91.39%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-98.17%)
SpellbookMicro-framework for rapid development of reusable security tools
Stars: ✭ 53 (-99.15%)
Awesome Hacking ResourcesA collection of hacking / penetration testing resources to make you better!
Stars: ✭ 11,466 (+82.87%)
ZaproxyThe OWASP ZAP core project
Stars: ✭ 9,078 (+44.78%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-96.83%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (-96.79%)
dependency-check-pluginJenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Stars: ✭ 107 (-98.29%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-92.62%)
Lyncsmashlocate and attack Lync/Skype for Business
Stars: ✭ 258 (-95.89%)
Dumpall一款信息泄漏利用工具,适用于.git/.svn源代码泄漏和.DS_Store泄漏
Stars: ✭ 250 (-96.01%)
UptuxLinux privilege escalation checks (systemd, dbus, socket fun, etc)
Stars: ✭ 260 (-95.85%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-95.74%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-95.73%)
CripsIP Tools To quickly get information about IP Address's, Web Pages and DNS records.
Stars: ✭ 272 (-95.66%)
Ictf FrameworkThe iCTF Framework, presented by Shellphish!
Stars: ✭ 281 (-95.52%)
SecurecodeboxsecureCodeBox (SCB) - continuous secure delivery out of the box
Stars: ✭ 279 (-95.55%)
Cheatsheet GodPenetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (-43.84%)
AirgeddonThis is a multi-use bash script for Linux systems to audit wireless networks.
Stars: ✭ 3,830 (-38.92%)
InjuredandroidA vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
Stars: ✭ 317 (-94.94%)
Langhost👻 A LAN dropbox chatbot controllable via Telegram
Stars: ✭ 324 (-94.83%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-97.56%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (-95.66%)
VajraVajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
Stars: ✭ 269 (-95.71%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (-94.77%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (-94.48%)
Ctf DifficultyThis cheasheet is aimed at the CTF Players and Beginners to help them sort the CTF Challenges on the basis of Difficulties.
Stars: ✭ 338 (-94.61%)
CtfCTF (Capture The Flag) writeups, code snippets, notes, scripts
Stars: ✭ 336 (-94.64%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (-94.27%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (-33.62%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (-93.68%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (-93.76%)