592 Open source projects that are alternatives of or similar to Xss Listener

Web Scan Lazy Tools - Python Package

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

🔒 SecureHeaders wrapper for Laravel.

A PowerShell armoury for penetration testers or other random security guys

🔨 Manage your website via terminal

Awesome Golang Security resources 🕶🔐

Toolset for detecting reflected xss in websites

Telling tales on you for leaking secrets!

Next generation web scanner

🔐 Open Source Python Keylogger Collection

Pretty vulnerable flask app..

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

PacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.

A curated list of various bug bounty tools

Filter user input for XSS but don't touch other html

Fully automated offensive security framework for reconnaissance and vulnerability scanning

A library to check for compromised passwords

Small but effective wordlist for brute-forcing and discovering hidden things.

The clever vulnerability dependency finder

A Python Tool For google Hacking

Secure, human-friendly, cross-platform secrets and config.

Proof of Concept code for CVE-2015-0345 (APSB15-07)

Tools to automate and/or expedite response.

secureCodeBox (SCB) - continuous secure delivery out of the box

Extraction of iMessage Data via XSS

Machine Learning based Intrusion Detection Systems are difficult to evaluate due to a shortage of datasets representing accurately network traffic and their associated threats. In this project we attempt at solving this problem by presenting two taxonomies

myscan 被动扫描

Open Repository for the Open Security and Privacy Reference Architecture

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

🍿 The perfect Checklist Website for meticulous developers.

A Deep Graph-based Toolbox for Fraud Detection

The opposite of Ruler, provides blue teams with the ability to detect Ruler usage against Exchange.

Disassemble ANY files including .so (NDK, JNI), Windows PE(EXE, DLL, SYS, etc), linux binaries, libraries, and any other files such as pictures, audios, etc(for fun)files on Android. Capstone-based disassembler application on android. 안드로이드 NDK 공유 라이브러리, Windows 바이너리, etc,... 리버싱 앱

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

👻Impost3r -- A linux password thief

Trigram database written in C++, suited for malware indexing

GitGuardian Shield GitHub Action - Find exposed credentials in your commits

USB testing made easy

Look-Ahead Java Deserialization Library

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

findWebshell是一款基于python开发的webshell检测工具。

Application and Service Fingerprinting

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

Documentation:

PHP安全SDK及编码规范

Detection of phishing domains and domain squatting. Supports permutations such as homograph attack, typosquatting and bitsquatting.

utility to sanitize hast nodes

Tool for viewing and analyzing execution traces

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

Source Code Security Audit (源代码安全审计)

An OSINT Metadata analyzing tool that filters through tags and creates reports

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Hyuga 一个用来记录DNS查询和HTTP请求的监控工具。

Web-based Source Code Vulnerability Scanner

A Deliberately Insecure Web Application

Custom memory allocator that helps discover reads from uninitialized memory

OSS Vulnerability Scanner for Windows Platform

A "SIP Torture" (RFC 4475) testing suite.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

A collection of Ansible Playbooks that configure Kali to use Fish & install a number of tools