gotify-push: Chrome extension for sending push notifications 🔔 to gotify/server ☁
Stars: ✭ 32 (-91.26%)
xssmap: Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-70.77%)
APSoft-Web-Scanner-v2: Powerful dork searcher and vulnerability scanner for Windows platform
Stars: ✭ 96 (-73.77%)
xssfinder: Toolset for detecting reflected XSS in websites
Stars: ✭ 105 (-71.31%)
SQL-XSS: A few SQL and XSS attack tools
Stars: ✭ 29 (-92.08%)
safe-svg: Simple and lightweight library that helps to validate SVG files in security manners.
Stars: ✭ 25 (-93.17%)
Findom Xss: A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-15.3%)
hackable: A Python Flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (-83.33%)
kleespectre: KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling
Stars: ✭ 31 (-91.53%)
psf utils: Read Spectre PSF files
Stars: ✭ 20 (-94.54%)
vaf: Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-19.67%)
Application Security Engineer Interview Questions: Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-27.05%)
Foxss-XSS-Penetration-Testing-Tool: Foxss is a simple PHP based penetration testing tool. Currently it will help to find XSS vulnerability in websites.
Stars: ✭ 35 (-90.44%)
Bxss: bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-9.56%)
ngx http html sanitize module: It's an nginx http module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS properties
Stars: ✭ 14 (-96.17%)
XSS-Cheatsheet: XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-92.9%)
Ant: A real-time blind XSS platform
Stars: ✭ 340 (-7.1%)
spectre-canjs: A data administration component library built on the Spectre.css framework enabled with CanJS
Stars: ✭ 25 (-93.17%)
litewaf: Lightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-91.26%)
xss-http-injector: XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-93.99%)
Javacodeaudit: Getting started with Java code auditing (a small introductory project for code auditing)
Stars: ✭ 289 (-21.04%)
SuperXSS: Make XSS Great Again
Stars: ✭ 57 (-84.43%)
wasec: Examples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
Stars: ✭ 74 (-79.78%)
Eagle: Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-76.78%)
laravel-xss-filter: Filter user input for XSS but don't touch other HTML
Stars: ✭ 38 (-89.62%)
Arachni: Web Application Security Scanner Framework
Stars: ✭ 2,942 (+703.83%)
PastebinMarkdownXSS: XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-77.05%)
safe-marked: Markdown to HTML using marked and DOMPurify. Safe by default.
Stars: ✭ 31 (-91.53%)
Commodity Injection Signatures: Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-27.05%)
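security-wrapper: Secondary development on top of springSecurity, providing solutions for a range of security scenarios: OAuth2 authorization (with cross-domain and multi-application authorization), JWT, SSO, file upload, seamless integration of permission systems, API anti-abuse rate limiting, XSS, CSRF, SQL injection, third-party login (bind, unbind), encrypted communication, and more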
Stars: ✭ 21 (-94.26%)
Owasp Java Encoder: The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-6.28%)
diwa: A Deliberately Insecure Web Application
Stars: ✭ 32 (-91.26%)
deep spectre: Deep learning side channel privileged memory reader
Stars: ✭ 46 (-87.43%)
NachtWal: Reinforced Mitigation Security Filter
Stars: ✭ 17 (-95.36%)
Jsshell: An interactive multi-user web JS shell
Stars: ✭ 330 (-9.84%)
html-sanitizer: HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
Stars: ✭ 18 (-95.08%)
xss-chef: A web application for generating custom XSS payloads
Stars: ✭ 70 (-80.87%)
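Scaner: A collection of open-source scanners from GitHub, including subdomain enumeration, database vulnerability scanners, weak-password or information-leak scanners, port scanners, fingerprint scanners, and other large-scale and modular scanners. Other well-known scanning tools such as awvs, nmap and w3af are not included in the collection.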
Stars: ✭ 357 (-2.46%)
sanitizer-polyfill: rewrite constructor arguments, call DOMPurify, profit
Stars: ✭ 46 (-87.43%)
vulnerabilities: List of every possible vulnerability in computer security.
Stars: ✭ 14 (-96.17%)
meltdown-spectre-bios-list: a list of BIOS/Firmware fixes addressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Stars: ✭ 16 (-95.63%)
Gowapt: Go Web Application Penetration Test
Stars: ✭ 300 (-18.03%)
security-cheat-sheet: Minimalist cheat sheet for developers to write secure code
Stars: ✭ 47 (-87.16%)
solutions-bwapp: In progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-56.83%)
Spectre Meltdown Checker: Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD
Stars: ✭ 3,482 (+851.37%)
alias-wallet: Official Alias source code repository
Stars: ✭ 5 (-98.63%)
Resources: No description or website provided.
Stars: ✭ 38 (-89.62%)
flask-vuln: Pretty vulnerable flask app..
Stars: ✭ 23 (-93.72%)
Vuejs Serverside Template Xss: Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-24.04%)
ng-dompurify: Inclusive Angular API for DOMPurify
Stars: ✭ 65 (-82.24%)
Wssat: WEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-1.64%)
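Lamp Cloud: lamp-cloud is a rapid-development microservice platform based on Jdk11 + SpringCloud + SpringBoot, in which the configurable SaaS functionality particularly stands out. It includes modules such as RBAC, unified authentication at the gateway, XSS protection, automatic code generation, multiple storage systems, distributed transactions and distributed scheduled tasks. It supports parallel development of multiple business systems and of multiple services, and can serve as a development scaffold for back-end services. The code is concise, fully commented and clearly architected, well suited for learning and for enterprise use as a base framework.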
Stars: ✭ 4,125 (+1027.05%)
Awesomexss: Awesome XSS stuff
Stars: ✭ 3,664 (+901.09%)
Penetration testing poc: POCs, EXPs, scripts, privilege escalation, small tools, etc. related to penetration testing---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+954.1%)
persistent-clientside-xss: Exploit generator and Taint Engine to find persistent (and reflected) client-side XSS
Stars: ✭ 19 (-94.81%)