BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1747.92%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+204.17%)
Botwall4jA botwall for Java web applications
Stars: ✭ 41 (-14.58%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1929.17%)
litewafLightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-33.33%)
Waf🚦Web Application Firewall or API Gateway(应用防火墙/API网关)
Stars: ✭ 547 (+1039.58%)
aws-firewall-factoryDeploy, update, and stage your WAFs while managing them centrally via FMS.
Stars: ✭ 72 (+50%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+5862.5%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+2789.58%)
CidramCIDRAM: Classless Inter-Domain Routing Access Manager.
Stars: ✭ 86 (+79.17%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+341.67%)
waf4wordpressWAF for WordPress 🔥 with 60+ security checks and weekly updates
Stars: ✭ 102 (+112.5%)
Docker WafAn NGINX and ModSecurity based Web Application Firewall for Docker
Stars: ✭ 181 (+277.08%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+1506.25%)
WhatwafDetect and bypass web application firewalls and protection systems
Stars: ✭ 1,881 (+3818.75%)
AtscanAdvanced dork Search & Mass Exploit Scanner
Stars: ✭ 817 (+1602.08%)
Awesome Waf🔥 Everything about web-application firewalls (WAF).
Stars: ✭ 4,047 (+8331.25%)
Cerberus一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Stars: ✭ 389 (+710.42%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+362.5%)
Laravel FirewallWeb Application Firewall (WAF) package for Laravel
Stars: ✭ 544 (+1033.33%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+1664.58%)
Sqlivmassive SQL injection vulnerability scanner
Stars: ✭ 840 (+1650%)
Simple Sh DatascienceA collection of Bash scripts and Dockerfiles to install data science Tool, Lib and application
Stars: ✭ 32 (-33.33%)
AppserverA multithreaded application server for PHP, written in PHP.
Stars: ✭ 930 (+1837.5%)
DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+16935.42%)
Erl EnvMake retrieving configuration parameters super fast(7x faster than application:get_env)and stable.
Stars: ✭ 32 (-33.33%)
HtmlsanitizerCleans HTML to avoid XSS attacks
Stars: ✭ 938 (+1854.17%)
VhdattachA small tool that allows for easy virtual disk attach/detach and auto-mount.
Stars: ✭ 42 (-12.5%)
VenonaCodefresh runtime-environment agent
Stars: ✭ 31 (-35.42%)
Diycode[暂停维护]diycode android app
Stars: ✭ 931 (+1839.58%)
Fogga Kanban🎽 React Kanban Dashboard Template
Stars: ✭ 46 (-4.17%)
WhitewidowSQL Vulnerability Scanner
Stars: ✭ 926 (+1829.17%)
Arbitrium RatArbitrium is a cross-platform, fully undetectable remote access trojan, to control Android, Windows and Linux and doesn't require any firewall exceptions or port forwarding rules
Stars: ✭ 938 (+1854.17%)
Alltomp3 AppDownload and Convert YouTube, SoundCloud & Spotify in MP3 with full tags (title, artist, genre, cover, lyrics 🔥)
Stars: ✭ 920 (+1816.67%)
PywallPython firewall.
Stars: ✭ 27 (-43.75%)
WhourTool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.
Stars: ✭ 18 (-62.5%)
Auto AppCrie um aplicativo com todas as tabelas de um dos seus bancos sem uma linha de código.
Stars: ✭ 18 (-62.5%)
SipcheckSIPCheck is a tool that watch the authentication of users of Asterisk and bans automatically if some user (or bot) try to register o make calls using wrong passwords.
Stars: ✭ 20 (-58.33%)
Git StuffA python script that tells about GitHub users and repositories.
Stars: ✭ 16 (-66.67%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+1625%)
Haproxy WiWeb interface for managing Haproxy, Nginx and Keepalived servers
Stars: ✭ 823 (+1614.58%)
Java Sec CodeJava web common vulnerabilities and security code which is base on springboot and spring security
Stars: ✭ 1,033 (+2052.08%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+2029.17%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (+1741.67%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+1558.33%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+1547.92%)
Crm ApplicationOroCRM - an open-source Customer Relationship Management application.
Stars: ✭ 785 (+1535.42%)
WafidWafid identify and fingerprint Web Application Firewall (WAF) products.
Stars: ✭ 39 (-18.75%)
Ufw DockerTo fix the Docker and UFW security flaw without disabling iptables
Stars: ✭ 878 (+1729.17%)
Docker HostA docker sidecar container to forward all traffic to local docker host or any other host
Stars: ✭ 769 (+1502.08%)
JxwafJXWAF(锦衣盾)是一款开源web应用防火墙
Stars: ✭ 768 (+1500%)