Veneno Stars: ✭ 230 (+350.98%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (+231.37%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-50.98%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+2372.55%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (+123.53%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (+272.55%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+603.92%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (+182.35%)
CJ2018-Final-CTFCyber Jawara 2018 Final - Attack & Defense CTF services environments based on Docker.
Stars: ✭ 58 (+13.73%)
WDIRGood resources about web security that I have read.
Stars: ✭ 14 (-72.55%)
Log KillerClear all your logs in [linux/windows] servers 🛡️
Stars: ✭ 252 (+394.12%)
BurpaBurp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).
Stars: ✭ 427 (+737.25%)
Awesome OcapAwesome Object Capabilities and Capability Security
Stars: ✭ 196 (+284.31%)
shellsumA defense tool - detect web shells in local directories via md5sum
Stars: ✭ 30 (-41.18%)
Jwt PwnSecurity Testing Scripts for JWT
Stars: ✭ 170 (+233.33%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+1078.43%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+23911.76%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-62.75%)
C4Open IP cameras in IPv4
Stars: ✭ 123 (+141.18%)
Javaidjava source code static code analysis and danger function identify prog
Stars: ✭ 327 (+541.18%)
firecrackerStop half-done API specifications! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by validating your API specifications.
Stars: ✭ 438 (+758.82%)
guardrailsguardrails.cs.virginia.edu
Stars: ✭ 18 (-64.71%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+2386.27%)
Githacker🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (+927.45%)
Blind-SSRFNuclei Templates to reproduce Cracking the lens's Research
Stars: ✭ 111 (+117.65%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+360.78%)
Scant3rScanT3r - Web Security Scanner
Stars: ✭ 248 (+386.27%)
Articles Translator📚Translate the distinct technical blogs. Please star or watch. Welcome to join me.
Stars: ✭ 606 (+1088.24%)
FdsploitFile Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (+290.2%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-29.41%)
LookylooLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.
Stars: ✭ 381 (+647.06%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (+254.9%)
sqlinjection-training-appA simple PHP application to learn SQL Injection detection and exploitation techniques.
Stars: ✭ 56 (+9.8%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+4529.41%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (+217.65%)
Cs253.stanford.eduCS 253 Web Security course at Stanford University
Stars: ✭ 155 (+203.92%)
Ssrf vulnerable labThis Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (+607.84%)
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (+156.86%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-37.25%)
ExploHuman and machine readable web vulnerability testing format
Stars: ✭ 114 (+123.53%)
FavfreakMaking Favicon.ico based Recon Great again !
Stars: ✭ 564 (+1005.88%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+2574.51%)
requests-ip-rotatorA Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Stars: ✭ 323 (+533.33%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-27.45%)
Openftp4A list of all FTP servers in IPv4 that allow anonymous logins.
Stars: ✭ 634 (+1143.14%)
TwaA tiny web auditor with strong opinions.
Stars: ✭ 549 (+976.47%)
CtftoolsPersonal CTF Toolkit
Stars: ✭ 312 (+511.76%)
Virtual-HostModified Nuclei Templates Version to FUZZ Host Header
Stars: ✭ 38 (-25.49%)