HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+493.04%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-50.43%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+5224.35%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-86.09%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (-50.43%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+756.09%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+503.04%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (-20.87%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+1037.83%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-62.17%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (-50%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-27.39%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (-54.35%)
Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (-17.39%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (-58.7%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+4170.43%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-13.48%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (-36.52%)
ViewstateASP.NET View State Decoder
Stars: ✭ 77 (-66.52%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (-69.57%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (-25.22%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-41.74%)
Waf A MoleA guided mutation-based fuzzer for ML-based Web Application Firewalls
Stars: ✭ 51 (-77.83%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-50.87%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-26.52%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-50%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (-16.96%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-29.57%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (-55.22%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-7.83%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+723.91%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (-17.39%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-79.13%)
Cs253.stanford.eduCS 253 Web Security course at Stanford University
Stars: ✭ 155 (-32.61%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (-6.52%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+451.3%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+828.26%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (-21.3%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+4340%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-37.39%)
Project TauroA Router WiFi key recovery/cracking tool with a twist.
Stars: ✭ 52 (-77.39%)
Awesome OcapAwesome Object Capabilities and Capability Security
Stars: ✭ 196 (-14.78%)
Pythempentest framework
Stars: ✭ 1,060 (+360.87%)
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (-43.04%)
Jwt PwnSecurity Testing Scripts for JWT
Stars: ✭ 170 (-26.09%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+344.35%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-43.91%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+323.48%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (-3.48%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-6.96%)
C4Open IP cameras in IPv4
Stars: ✭ 123 (-46.52%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-83.91%)