litewaf: Lightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-99.12%)
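Xray: A comprehensive security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use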
Stars: ✭ 6,218 (+71.82%)
html-sanitizer: HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
Stars: ✭ 18 (-99.5%)
persistent-clientside-xss: Exploit generator and Taint Engine to find persistent (and reflected) client-side XSS
Stars: ✭ 19 (-99.47%)
solutions-bwapp: In progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (-95.63%)
Pinaak: A vulnerability fuzzing tool written in bash; it contains the most commonly used tools to perform vulnerability scans
Stars: ✭ 69 (-98.09%)
Resources: No description or website provided.
Stars: ✭ 38 (-98.95%)
sanitizer-polyfill: rewrite constructor arguments, call DOMPurify, profit
Stars: ✭ 46 (-98.73%)
vaf: Vaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (-91.88%)
Cracker-Tool: All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting. 🎭
Stars: ✭ 181 (-95%)
cd: CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-99.09%)
diwa: A Deliberately Insecure Web Application
Stars: ✭ 32 (-99.12%)
vulnerabilities: List of every possible vulnerability in computer security.
Stars: ✭ 14 (-99.61%)
NachtWal: Reinforced Mitigation Security Filter
Stars: ✭ 17 (-99.53%)
Application Security Engineer Interview Questions: Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-92.62%)
ng-dompurify: Inclusive Angular API for DOMPurify
Stars: ✭ 65 (-98.2%)
security-cheat-sheet: Minimalist cheat sheet for developers to write secure code
Stars: ✭ 47 (-98.7%)
Javacodeaudit: Getting started with Java code auditing. A small introductory project for code auditing
Stars: ✭ 289 (-92.01%)
SuperXSS: Make XSS Great Again
Stars: ✭ 57 (-98.42%)
Eagle: Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-97.65%)
XSS-Cheatsheet: XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-99.28%)
cve-2016-1764: Extraction of iMessage Data via XSS
Stars: ✭ 52 (-98.56%)
safe-marked: Markdown to HTML using marked and DOMPurify. Safe by default.
Stars: ✭ 31 (-99.14%)
Arachni: Web Application Security Scanner Framework
Stars: ✭ 2,942 (-18.71%)
ngx http html sanitize module: It's an nginx HTTP module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS properties
Stars: ✭ 14 (-99.61%)
safe-svg: Simple and lightweight library that helps to validate SVG files in security manners.
Stars: ✭ 25 (-99.31%)
Gowapt: Go Web Application Penetration Test
Stars: ✭ 300 (-91.71%)
wasec: Examples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
Stars: ✭ 74 (-97.96%)
SQLi-Query-Tampering: SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibility of manual testing with many powerful evasion techniques.
Stars: ✭ 123 (-96.6%)
Commodity Injection Signatures: Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
Stars: ✭ 267 (-92.62%)
hackable: A Python Flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (-98.31%)
xss-http-injector: XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-99.39%)
Jsshell: An interactive multi-user web JS shell
Stars: ✭ 330 (-90.88%)
xssfinder: Toolset for detecting reflected XSS in websites
Stars: ✭ 105 (-97.1%)
SecExample: Java vulnerability lab (Vulnerability Environment For Java)
Stars: ✭ 228 (-93.7%)
flask-vuln: Pretty vulnerable Flask app.
Stars: ✭ 23 (-99.36%)
SQL-XSS: A few SQL and XSS attack tools
Stars: ✭ 29 (-99.2%)
laravel-xss-filter: Filter user input for XSS but don't touch other HTML
Stars: ✭ 38 (-98.95%)
PastebinMarkdownXSS: XSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-97.68%)
Wordlist404: Small but effective wordlist for brute-forcing and discovering hidden things.
Stars: ✭ 101 (-97.21%)
Vuejs Serverside Template Xss: Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-92.32%)
APSoft-Web-Scanner-v2: Powerful dork searcher and vulnerability scanner for the Windows platform
Stars: ✭ 96 (-97.35%)
Xsshell: An XSS reverse shell framework
Stars: ✭ 251 (-93.06%)
xss-chef: A web application for generating custom XSS payloads
Stars: ✭ 70 (-98.07%)
Ary: Ary is an integration tool, mainly used to invoke various security tools and so provide convenient one-click penetration testing.
Stars: ✭ 241 (-93.34%)
Foxss-XSS-Penetration-Testing-Tool: Foxss is a simple PHP based penetration testing tool. Currently it will help to find XSS vulnerabilities in websites.
Stars: ✭ 35 (-99.03%)
Bxss: bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-90.85%)
Findom Xss: A fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-91.43%)
Penetration testing poc: PoCs, exploits, scripts, privilege escalation material, small utilities and more related to penetration testing --- About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+6.6%)
xssmap: Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-97.04%)