ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+4102.86%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+108.57%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+91.43%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-80%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+455.71%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+13931.43%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+320%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1360%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+3638.57%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+244.29%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-52.86%)
SuperXSSMake XSS Great Again
Stars: ✭ 57 (-18.57%)
hsploitAn advanced command-line search engine for Exploit-DB
Stars: ✭ 16 (-77.14%)
ng-dompurifyInclusive Angular API for DOMPurify
Stars: ✭ 65 (-7.14%)
dark-lord-obamaAV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities
Stars: ✭ 61 (-12.86%)
security-wrapper对springSecurity进行二次开发,提供OAuth2授权(支持跨域名,多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定,解绑)、加密通信等一系列安全场景的解决方案
Stars: ✭ 21 (-70%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-50%)
persistent-clientside-xssExploit generator and Taint Engine to find persistent (and reflected) client-side XSS
Stars: ✭ 19 (-72.86%)
rsmReverse shell manager using tmux and ncat
Stars: ✭ 29 (-58.57%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (+245.71%)
MailRipV3SMTP and IMAP checker / cracker for mailpass combolists with a user-friendly GUI, automated inbox test and many more features.
Stars: ✭ 28 (-60%)
reverse-sshStatically-linked ssh server with reverse shell functionality for CTFs and such
Stars: ✭ 548 (+682.86%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-45.71%)
Learning-Node.js-SecurityA Collection of articles, videos, blogs, talks and other materials on Node.js Security
Stars: ✭ 25 (-64.29%)
VulWebajuVulWebaju is a platform that automates setting up your pen-testing environment for learning purposes.
Stars: ✭ 53 (-24.29%)
wasecExamples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
Stars: ✭ 74 (+5.71%)
lazyaircrackAutomated tool for WiFi hacking.
Stars: ✭ 301 (+330%)
litewafLightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-54.29%)
Kali-Linux-EbooksTop 20 Kali Linux Related E-books (Free Download)
Stars: ✭ 134 (+91.43%)
cyber-gymDeliberately vulnerable scripts for Web Security training
Stars: ✭ 19 (-72.86%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (+21.43%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (+7.14%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-54.29%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (+20%)
Deep-InsideCommand line tool that allows you to explore IoT devices by using Shodan API.
Stars: ✭ 22 (-68.57%)
APSoft-Web-Scanner-v2Powerful dork searcher and vulnerability scanner for windows platform
Stars: ✭ 96 (+37.14%)
Reconky-Automated Bash ScriptReconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.
Stars: ✭ 167 (+138.57%)
oscp-omnibusA collection of resources I'm using while working toward the OSCP
Stars: ✭ 46 (-34.29%)
WebspoiltThis script will you help to find the information about the website and to help in penetrating testing
Stars: ✭ 34 (-51.43%)
NarthexModular personalized dictionary generator.
Stars: ✭ 156 (+122.86%)
vsauditVOIP Security Audit Framework
Stars: ✭ 104 (+48.57%)
domhttpxdomhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Stars: ✭ 59 (-15.71%)
ngx http html sanitize moduleIt's a nginx http module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS property
Stars: ✭ 14 (-80%)
IMAPLoginTesterA simple Python script that reads a text file with lots of e-mails and passwords, and tries to check if those credentials are valid by trying to login on IMAP servers.
Stars: ✭ 47 (-32.86%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-48.57%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (+392.86%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (+501.43%)
BackToMeLittle tool made in python to create payloads for Linux, Windows and OSX with unique handler
Stars: ✭ 61 (-12.86%)
NachtWalReinforced Mitigation Security Filter
Stars: ✭ 17 (-75.71%)
safe-markedMarkdown to HTML using marked and DOMPurify. Safe by default.
Stars: ✭ 31 (-55.71%)
NightingaleIt's a Docker Environment for pentesting which having all the required tool for VAPT.
Stars: ✭ 119 (+70%)