Pinned

1. Awesome-WAF Public

   🔥 Web-application firewalls (WAFs) from security standpoint.

   Python 5.1k 943

2. EnableSecurity/wafw00f Public

   WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

   Python 4k 839

3. TIDoS-Framework Public

   The Offensive Manual Web Application Penetration Testing Framework.

   Python 1.6k 394

4. XSRFProbe Public

   The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

   Python 838 174

5. LogMePwn Public

   A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

   Go 363 54

6. redhuntlabs/HTTPLoot Public

   An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.

   Go 335 35