SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-77.92%)
hackableA python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (-84.52%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-59.9%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-90.61%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+95.69%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+3008.12%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-91.88%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+646.7%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-62.94%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-90.36%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-96.45%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (-1.27%)
JsshellAn interactive multi-user web JS shell
Stars: ✭ 330 (-16.24%)
WssatWEB SERVICE SECURITY ASSESSMENT TOOL
Stars: ✭ 360 (-8.63%)
Express StormpathBuild simple, secure web applications with Stormpath and Express!
Stars: ✭ 327 (-17.01%)
Express Promise❤️ Middleware for easy rendering of async Query results.
Stars: ✭ 320 (-18.78%)
PracticalnodePractical Node.js, 1st and 2nd Editions [Apress] 📓
Stars: ✭ 3,694 (+837.56%)
Lamp Cloudlamp-cloud 基于Jdk11 + SpringCloud + SpringBoot的微服务快速开发平台,其中的可配置的SaaS功能尤其闪耀, 具备RBAC功能、网关统一鉴权、Xss防跨站攻击、自动代码生成、多种存储系统、分布式事务、分布式定时任务等多个模块,支持多业务系统并行开发, 支持多服务并行开发,可以作为后端服务的开发脚手架。代码简洁,注释齐全,架构清晰,非常适合学习和企业作为基础框架使用。
Stars: ✭ 4,125 (+946.95%)
Express Status Monitor🚀 Realtime Monitoring solution for Node.js/Express.js apps, inspired by status.github.com, sponsored by https://dynobase.dev
Stars: ✭ 3,302 (+738.07%)
Express Starter🚚 A boilerplate for Node.js, Express, Mongoose, Heroku, Atlas, Nodemon, PM2, and Babel. REST / GraphQL API Server | PaaS | SaaS | CI/CD | Jest | Supertest | Docker | MongoDB | PostgreSQL | Sequelize | Lodash | RxJS | JWT | Passport | WebSocket | Redis | CircleCI | Apollo | DevSecOps | Microservices | Backend Starter Kit | ES6
Stars: ✭ 353 (-10.41%)
Nest AngularNestJS, Angular 6, Server Side Rendering (Angular Universal), GraphQL, JWT (JSON Web Tokens) and Facebook/Twitter/Google Authentication, Mongoose, MongoDB, Webpack, TypeScript
Stars: ✭ 307 (-22.08%)
Judo HeroesA React application to showcase rendering with Universal JavaScript
Stars: ✭ 373 (-5.33%)
Bulletproof NodejsImplementation of a bulletproof node.js API 🛡️
Stars: ✭ 4,369 (+1008.88%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-15.99%)
SmokeTurns a Web Browser into a Web Server with WebRTC
Stars: ✭ 326 (-17.26%)
StrimpackA platform for livestreamers to make a home for their audience.
Stars: ✭ 378 (-4.06%)
Nuxt Ssr✨vue+nuxt+sass+node+express+MongoDB 实现的SSR项目。
Stars: ✭ 323 (-18.02%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (-9.39%)
GrantOAuth Proxy
Stars: ✭ 3,509 (+790.61%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-21.32%)
W3afw3af: web application attack and audit framework, the open source web vulnerability scanner.
Stars: ✭ 3,804 (+865.48%)
Express Promise RouterA lightweight wrapper for Express 4's Router that allows middleware to return promises
Stars: ✭ 309 (-21.57%)
Node Abc《Node.js入门教程》
Stars: ✭ 306 (-22.34%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-23.6%)
Vue Crud XVue+Express Cookbook & CRUD Component (with Vite and Web Components)
Stars: ✭ 393 (-0.25%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (-23.86%)
Vue ChessMultiplayer online chess game use Vue , Nodejs, Webpack, Em6, Socket.io, Mongodb, Express
Stars: ✭ 350 (-11.17%)
Many People Blog🎈基于vue+node+mysql的多人博客,带后台管理系统。支持:登陆/注册,留言,评论/回复,点赞,记录浏览数量,带有相册功能,内容丰富,当然也可以发表文章。欢迎使用!
Stars: ✭ 300 (-23.86%)
NoscriptThe popular NoScript Security Suite browser extension.
Stars: ✭ 366 (-7.11%)
Woo Next🚀 React WooCommerce theme, built with Next JS, Webpack, Babel, Node, Express, using GraphQL and Apollo Client
Stars: ✭ 342 (-13.2%)
Jianshu仿简书nx+nodejs+nestjs6+express+mongodb+angular8+爬虫
Stars: ✭ 296 (-24.87%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-12.94%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-26.65%)
InstacloneAn instagram clone created with the MERN stack
Stars: ✭ 289 (-26.65%)
XsserFrom XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Stars: ✭ 381 (-3.3%)
Node Tutorial☺️Some of the node tutorial -《Node学习笔记》
Stars: ✭ 364 (-7.61%)
Sqli HunterSQLi-Hunter is a simple HTTP / HTTPS proxy server and a SQLMAP API wrapper that makes digging SQLi easy.
Stars: ✭ 340 (-13.71%)
Pro Mern StackCode Listing for the book Pro MERN Stack
Stars: ✭ 290 (-26.4%)
Express Graphql Mongodb BoilerplateA boilerplate for Node.js apps / GraphQL-API / Authentication from scratch - express, graphql - (graphql compose), mongodb (mongoose).
Stars: ✭ 288 (-26.9%)