#

web-security

Here are 159 public repositories matching this topic...

Hacker0x01 / hacker101

Star

Source code for Hacker101.com - a free online web and mobile security class.

education security hacking xss sql-injection csrf web-security clickjacking hackerone session-fixation hacker101 unchecked-redirects

Updated Oct 12, 2020
SCSS

Mobile-Security-Framework-MobSF

MobSF / Mobile-Security-Framework-MobSF

Star

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Updated Nov 4, 2020
Python

nahamsec / Resources-for-Beginner-Bug-Bounty-Hunters

Star

A list of resources for those interested in getting started in bug bounties

education hackers hacking xss bug-bounty web-security pentest ssrf bug-bounty-hunters learn2hack

Updated Oct 17, 2020

infoslack / awesome-web-hacking

Star

A list of web application security

scanner hacking penetration-testing web-security vulnerabilities metasploit web-hacking hacking-tools

Updated Oct 4, 2020

0xSobky / HackVault

Star

A container repository for my public web hacks!

tracking exploit regex xss fuzzing web-security pentesting payloads reconnaissance web-hacks

Updated Sep 7, 2018
JavaScript

bt3gl / Pentesting_Toolkit

Star

🏴‍☠️ Tools for pentesting, CTFs & wargames. 🏴‍☠️

linux cryptography rubber-ducky network reverse-engineering hacking forensics steganography infosec web-security pentesting ctf wargame post-exploitation vulnerabilities iocs botnets malwares gray-hacker-resources

Updated Sep 15, 2020
C

awesome-nodejs-security

lirantal / awesome-nodejs-security

Star

Awesome Node.js Security resources

nodejs security owasp cybersecurity infosec web-security vulnerabilities pentest

Updated Nov 3, 2020
JavaScript

turbo / openftp4

Star

A list of all FTP servers in IPv4 that allow anonymous logins.

ftp web-security

Updated Mar 20, 2018

trailofbits / twa

Star

Open

Add more ports to stage 7

4

woodruffw commented Sep 9, 2020

There are lots of other common development ports that we should check for, including (but not limited to):

5000 (Flask and Kestrel's default port)
9200 (Elasticsearch's REST API)

Read more

enhancement good first issue help wanted

Open

More .well-known checks

Open

WAF detection

5

chenjj / CORScanner

Star

Fast CORS misconfiguration vulnerabilities scanner🍻

python cors python3 web-security vulnerability-scanners cors-misconfigurations cors-policy cors-scanner

Updated Aug 12, 2020
Python

devanshbatham / FavFreak

Star

Making Favicon.ico based Recon Great again !

osint hacking web-security recon bugbounty bughunting information-gathering webappsec reconnaissance

Updated Nov 9, 2020
Python

0x4D31 / burpa

Star

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

python security devops automation web-security burp security-scanner burpsuite security-automation security-tools

Updated Aug 1, 2018
Python

WangYihang / GitHacker

Star

🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind

git web-security githack

Updated Oct 9, 2020
Python

Lookyloo / lookyloo

Star

Open

Naming of things (consistency and clarity issues)

8

Rafiot commented Nov 2, 2020

The following terms need to be replaced everywhere:

scrape: before using capture, we used scrape/scraping. The few remaining places where scrape is used need to be changed.
flag: rename to bookmark => Lookyloo/lookyloo#114
legitimate: rename to known

Read more

UI Improvements good first issue

Open

Action buttons/ inconsistency of colours

1

Open

Tag/label feature persistent

1

Find more good first issues →

incredibleindishell / SSRF_Vulnerable_Lab

Star

This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

attack lab hacking web-security exploitation ssrf server-side-request-forgery

Updated Sep 29, 2020
PHP

enkomio / Taipan

Star

Web application vulnerability scanner

security security-audit web hacking web-application application-security web-security hacking-tool security-scanner security-automation security-tools web-security-research web-sec-scanner security-testing taipan

Updated Jul 5, 2020

Cryin / JavaID

Star

java source code static code analysis and danger function identify prog

web-security java-code-audit

Updated Feb 18, 2019
Python

Rizer0 / Log-killer

Star

Clear all your logs in [linux/windows] servers 🛡️

security logs hacking web-security server-management

Updated Apr 9, 2020
PHP

backdoorhub / shell-backdoor-list

Star

🎯 PHP / ASP - Shell Backdoor List 🎯

Updated Jun 8, 2020
PHP

zhuyingda / veneno

Star

security xss web-security

Updated Apr 10, 2019
JavaScript

knassar702 / scant3r

Star

ScanT3r - Web Security Scanner

linux python3 rce bug-bounty sql-injection web-security xss-scanners hacking-tool web-scanner hacking-tools ssti

Updated Nov 7, 2020
Python

voorhoede / lighthouse-security

Star

Runs the default Google Lighthouse tests with additional security tests

cli security reporting audit developer-tools web-security lighthouse

Updated Dec 9, 2018
JavaScript

mike-works / web-security-fundamentals

Star

👨‍🏫 Mike's Web Security Course

cors security course xss csrf web-security clickjacking

Updated Nov 5, 2020
JavaScript

dckc / awesome-ocap

Star

Awesome Object Capabilities and Capability Security

javascript security awesome-list web-security capabilities ocap

Updated Oct 27, 2020

chrispetrou / FDsploit

Star

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Updated Oct 7, 2020
Python

domxssscanner

yaph / domxssscanner

Star

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

dom scanner xss-vulnerability web-security domxss online-tool

Updated Jan 17, 2019
HTML

mazen160 / jwt-pwn

Star

Security Testing Scripts for JWT

jwt web-security jwt-cracker jwt-pwn

Updated Jul 29, 2020
Python

codingo / Minesweeper

Star

A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).

security-audit blacklist bitcoin hacking cryptocurrency penetration-testing web-security bugbounty hacking-tool security-scanner burp-plugin burpsuite security-tools burp-extensions blacklist-extension burpsuitepro coinhive cryptojacking coinhive-miners web-application-hacking

Updated Jul 8, 2019
Python

feross / cs253.stanford.edu

Star

CS 253 Web Security course at Stanford University

javascript security web stanford web-security

Updated Mar 24, 2020
JavaScript

serain / bbrecon

Star

Python library and CLI for the Bug Bounty Recon API

security osint hacking cybersecurity web-security recon bugbounty bugcrowd hackerone federacy hackenproof bugbountytips yeswehack bug-bounty-recon

Updated Nov 3, 2020
Python

Improve this page

Add a description, image, and links to the web-security topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the web-security topic, visit your repo's landing page and select "manage topics."

You can’t perform that action at this time.