#

websecurity

Here are 175 public repositories matching this topic...

qazbnm456 / awesome-web-security

Sponsor

🐶 A curated list of Web Security materials and resources.

security list awesome web penetration-testing awesome-list websecurity

Updated Jun 14, 2022

payloadbox / xss-payload-list

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

xss xss-vulnerability xss-scanners bugbounty xss-scanner xss-exploitation xss-detection payload payloads xss-attacks xss-injection websecurity dom-based xss-poc cross-site-scripting reflected-xss-vulnerabilities website-vulnerability xss-payloads self-xss xss-payload

Updated Jun 28, 2022

payloadbox / sql-injection-payload-list

🎯 SQL Injection Payload List

injection hacking attacker sql-injection bugbounty payload payloads websecurity owasp-top-10 security-research injection-attacks sql-injection-attacks sql-injection-exploitation sql-injection-proof sql-inject sql-injections sql-injection-filterer sql-injection-attack sql-injection-payloads injection-payloads

Updated May 28, 2022

0Chencc / CTFCrackTools

China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关

python java framework ctf jython ctf-tools websecurity kotlin-java

Updated May 11, 2022
Java

zer0yu / CyberSecurityRSS

CyberSecurityRSS: 优秀的网络安全知识来源 / A collection of cybersecurity rss to make you better!

rss security knowledgebase websecurity redteam rss-subscription cyberspace-security

Updated Jun 29, 2022

HolyTips

HolyBugx / HolyTips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

api checklist security web webapp pentesting writeups bugbounty pentest websecurity api-security bugbountytips bugbounty-writeups

Updated Sep 5, 2021

insightglacier / Dictionary-Of-Pentesting

Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。

Updated May 9, 2022
Shell

rhaidiz / broxy

An HTTP/HTTPS intercept proxy written in Go.

go golang security proxy http-proxy hacking penetration-testing interceptor qt5-gui websecurity http-security http-interceptor qt-wrapper wapt penetration-testing-tools broxy

Updated Feb 11, 2022
Go

pen4uin / awesome-pentest-note

渗透测试☞经验/思路/总结/想法

infosec pentest hacker websecurity redteaming

Updated Apr 11, 2022

payloadbox / xxe-injection-payload-list

🎯 XML External Entity (XXE) Injection Payload List

Updated Jan 6, 2020

YagamiiLight / Cerberus

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

python middleware proxy waf xss penetration-testing sql-injection bypass hacking-tool ssrf security-tools websecurity

Updated Jan 5, 2020
Python

findneo / Newbie-Security-List

网络安全学习资料，欢迎补充

security ctf websecurity resource-list greenhand

Updated Oct 23, 2018

710leo / ZVulDrill

Web漏洞演练平台

security websecurity

Updated Mar 7, 2017
CSS

cherrybomb

blst-security / cherrybomb

Open

Homebrew method of installation

1

remyleone commented May 6, 2022

Is your feature request related to a problem? Please describe.

I would like to install and receive upgrades for cherrybomb using my package manager on macOS. Homebrew.

Describe the solution you'd like

I would like to do a brew install cherrybomb to install cherrybomb to the latest version.

Describe alternatives you've considered

Installing it using a script. I would pref

Read more

enhancement good first issue help wanted

Open

More passive checks

Open

💡 Provide CherryBomb in an official Docker image

7

caddy-security

greenpau / caddy-security

Sponsor

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐

Updated Jun 20, 2022
Go

backdoorhub / shell-backdoor-list

🎯 PHP / ASP - Shell Backdoor List 🎯

Updated Jun 8, 2020
PHP

security-prince / Application-Security-Engineer-Interview-Questions

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

xss vulnerability infosec application-security interview-questions appsec webappsec sdlc websecurity devsecops security-engineering websec websecurity-reference security-team security-engineer-interview

Updated Aug 7, 2020

flipkart-incubator / RTA

Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.

python security nessus security-tools websecurity

Updated Dec 11, 2018
Python

payloadbox / open-redirect-payload-list

🎯 Open Redirect Payload List

security payload payloads websecurity open-redirect openredirect payload-list

Updated Jan 10, 2020

payloadbox / rfi-lfi-payload-list

🎯 RFI/LFI Payload List

security bug-bounty application-security bugbounty appsec payload payloads lfi rfi web-hacking websecurity web-application-security security-research security-researcher lfi-exploitation payload-list lfi-vulnerability security-researchers rfi-exploiton rfi-vulnerabillity

Updated Jun 9, 2021

WangYihang / SourceLeakHacker

🐛 A multi threads web application source leak scanner

scanner hacking-tool websecurity webscanner

Updated Jun 14, 2021
Python

payloadbox / ssti-payloads

🎯 Server Side Template Injection Payloads

security security-audit web code injection source bounty bugbounty payload payloads websecurity source-code-analysis ssti server-side-template-injection code-security bugbountytips payloadbox

Updated Mar 3, 2022

glebarez / cero

Scrape domain names from SSL certificates of arbitrary hosts

tls ssl scrape recon websecurity domain-names

Updated May 12, 2022
Go

sqlsec / ssrf-vuls

国光的手把手带你用 SSRF 打穿内网靶场源码

ssrf websecurity vulhub

Updated May 10, 2021
PHP

DontPanicO / jwtXploiter

A tool to test security of json web token

security jwt penetration-testing jsonwebtoken jwt-cracker pentesting ctf pentest ctf-tools security-tools websecurity pentest-tool jwks jwt-security pentesting-tools penetration-testing-tools jku x5u-injection jwt-exploit

Updated Mar 12, 2021
Python

radenvodka / Recsech

Recsech is a tool for doing Footprinting and Reconnaissance on the target web. Recsech collects information such as DNS Information, Sub Domains, HoneySpot Detected, Subdomain takeovers, Reconnaissance On Github and much more you can see in Features in tools .

dns php security-audit research tools scanner penetration-testing recon security-vulnerability hacking-tool security-tools websecurity reconnaissance scanner-web subdomain-enumeration subdomain-takeovers penetration-testing-tools scanner-vulnerability recon-tools recsech

Updated Mar 12, 2020
PHP

xinali / articles

Personal Blog/主记录漏洞挖掘相关研究(文章位于issues)

binary blogs websecurity binary-security

Updated Jul 28, 2020

Vailyn

VainlyStrain / Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

security penetration-testing rce pentesting exploitation information-leak vulnerability-detection takeover vulnerability-scanners vulnerability-assessment lfi directory-traversal websecurity pentest-tool websec lfi-exploitation local-file-inclusion path-traversal lfi-shells filter-evasion

Updated Sep 25, 2021
Python

knassar702 / lorsrf

find the parameters that can be used to find SSRF or Out-of-band resource load

rust hacking bruteforce penetration-testing fuzzing pentesting bugbounty ssrf websecurity blindssrf

Updated Apr 8, 2022
Rust

wossl33 / wossl

OpenSSL对称算法、哈希校验、非对称算法、证书管理、SSL安全

python openssl ssllabs ssl-certificate flask-web pyopenssl websecurity

Updated Jun 9, 2018
Python

Improve this page

Add a description, image, and links to the websecurity topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the websecurity topic, visit your repo's landing page and select "manage topics."