Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1195.54%)
Ssti Payloads🎯 Server Side Template Injection Payloads
Stars: ✭ 150 (-25.74%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-78.71%)
nerdbugFull Nuclei automation script with logic explanation.
Stars: ✭ 153 (-24.26%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (+32.18%)
JWTweakDetects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
Stars: ✭ 85 (-57.92%)
Bucket-FlawsBucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
Stars: ✭ 43 (-78.71%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+108.42%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+16191.58%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+3487.13%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-44.06%)
WstgThe Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Stars: ✭ 3,873 (+1817.33%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1316.83%)
Loki.RatLoki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
Stars: ✭ 63 (-68.81%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (-41.09%)
HolyTipsA Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
Stars: ✭ 1,210 (+499.01%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (-72.28%)
swiss-bugbounty-programsList of bug bounty and coordinated vulnerability disclosure programs of companies/organisations in Switzerland
Stars: ✭ 25 (-87.62%)
SQLi-Query-TamperingSQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-39.11%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-65.35%)
sub404A python tool to check subdomain takeover vulnerability
Stars: ✭ 205 (+1.49%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+1634.16%)
vapivAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Stars: ✭ 674 (+233.66%)
frida setupOne-click installer for Frida and Burp certs for SSL Pinning bypass
Stars: ✭ 47 (-76.73%)
window-ratThe purpose of this tool is to test the window10 defender protection and also other antivirus protection.
Stars: ✭ 59 (-70.79%)
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-58.42%)
CheatsheetseriesThe OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Stars: ✭ 19,302 (+9455.45%)
Offensive DockerOffensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+62.38%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (+70.79%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+1703.96%)
Di.we.hRepositório com conteúdo sobre web hacking em português
Stars: ✭ 156 (-22.77%)
Dictionary Of PentestingDictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+143.56%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (+200.5%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+151.98%)
AllaboutbugbountyAll about bug bounty (bypasses, payloads, and etc)
Stars: ✭ 758 (+275.25%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+382.67%)
SubdomainizerA tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Stars: ✭ 915 (+352.97%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+405.94%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+3003.96%)
SubjackSubdomain Takeover tool written in Go
Stars: ✭ 1,194 (+491.09%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+551.49%)
SecurityratOWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Stars: ✭ 115 (-43.07%)
BbrAn open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
Stars: ✭ 142 (-29.7%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (-29.7%)
VPS-Bug-Bounty-ToolsScript that automates the installation of the main tools used for web application penetration testing and Bug Bounty.
Stars: ✭ 44 (-78.22%)
PayloadsAllA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 31 (-84.65%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+129.21%)