46 results found Sort:

qazbnm456
awesome-web-security qazbnm456
1.7k
10.9k
unknown
379
🐶 A curated list of Web Security materials and resources.
web list awesome security websecurity awesome-list penetration-testing
Created 2017-01-29
436 commits to master branch, last one 3 years ago
payloadbox
xss-payload-list payloadbox
1.6k
5.8k
mit
138
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
xss payload xss-poc payloads self-xss bugbounty dom-based websecurity xss-attacks xss-payload xss-scanner xss-payloads xss-scanners xss-detection xss-injection xss-exploitation xss-vulnerability cross-site-scripting website-vulnerability reflected-xss-vulnerabilities
Created 2018-04-23
50 commits to master branch, last one about a year ago
payloadbox
sql-injection-payload-list payloadbox
1.1k
4.4k
mit
91
🎯 SQL Injection Payload List
hacking payload attacker payloads bugbounty injection sql-inject websecurity owasp-top-10 sql-injection sql-injections injection-attacks security-research injection-payloads sql-injection-proof sql-injection-attack sql-injection-attacks sql-injection-filterer sql-injection-payloads sql-injection-exploitation
Created 2019-10-30
16 commits to master branch, last one 2 years ago
insightglacier
Dictionary-Of-Pentesting insightglacier
345
1.8k
unknown
47
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
dns rce wifi fuzzing pentest database password payloads bugbounty subdomain bruteforce dictionary pentesting fingerprint spring-boot websecurity iot-security bugbountytips regex-pattern bughunting-methodology
Created 2020-08-26
106 commits to master branch, last one about a year ago
0Chencc
CTFCrackTools 0Chencc
298
1.8k
gpl-3.0
60
China's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
ctf java jython python ctf-tools framework kotlin-java websecurity
Created 2016-08-26
18 commits to master branch, last one 2 months ago
HolyBugx
HolyTips HolyBugx
295
1.7k
gpl-3.0
77
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
api web webapp pentest security writeups bugbounty checklist pentesting websecurity api-security bugbountytips bugbounty-writeups
Created 2021-03-21
46 commits to main branch, last one 2 years ago
zer0yu
CyberSecurityRSS zer0yu
238
1.7k
unknown
81
CyberSecurityRSS: A collection of cybersecurity rss to make you better!
rss redteam security websecurity knowledgebase rss-subscription cyberspace-security
Created 2017-12-05
61 commits to master branch, last one 5 days ago
greenpau
caddy-security greenpau
68
1.3k
apache-2.0
17
🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML...
acl jwt sso auth ldap saml caddy2 oauth2 openid paseto secops security webauthn secdevops websecurity caddy-plugin authorization paseto-tokens access-control authentication
Created 2022-01-15
173 commits to main branch, last one about a month ago
blst-security
cherrybomb blst-security
77
1.1k
apache-2.0
12
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
api cli blst http cyber openapi openapi3 security firecracker open-source websecurity api-security web-security cybersecurity best-practices business-logic security-tools web-sec-scanner
Created 2021-11-17
515 commits to main branch, last one 6 months ago
payloadbox
xxe-injection-payload-list payloadbox
283
1.0k
mit
24
🎯 XML External Entity (XXE) Injection Payload List
xml xxe hacking infosec payload payloads bugbounty bug-bounty xml-entity websecurity xxe-example xxe-payload xxe-payloads cybersecurity xxe-injection cyber-security xxe-payload-list information-security websecurity-reference web-application-security
Created 2019-11-19
15 commits to master branch, last one about a year ago
rhaidiz
broxy rhaidiz
58
998
gpl-3.0
18
An HTTP/HTTPS intercept proxy written in Go.
go wapt broxy proxy golang hacking qt5-gui security http-proxy qt-wrapper interceptor websecurity http-security http-interceptor penetration-testing penetration-testing-tools
Created 2020-01-08
144 commits to master branch, last one 2 years ago
Proviesec
google-dorks Proviesec
157
849
unknown
17
Useful Google Dorks for WebSecurity and Bug Bounty
google security bugbounty websecurity cybersecurity
Created 2021-12-21
348 commits to main branch, last one 2 months ago
yeswehack
vulnerable-code-snippets yeswehack
129
847
unknown
25
Twitter vulnerable snippets
code owasp snippets bugbounty vulnerable websecurity code-analyze example-code web-application worst-practices
Created 2022-11-03
390 commits to main branch, last one about a month ago
backdoorhub
shell-backdoor-list backdoorhub
548
669
mit
32
🎯 PHP / ASP - Shell Backdoor List 🎯
c99 php r57 web wso hack b374k kacak shell asp-net hacking backdoor web-shell hackingcode web-hacking websecurity asp-backdoor php-backdoor web-security shell-backdoor
Created 2018-05-30
37 commits to master branch, last one 3 years ago
payloadbox
ssti-payloads payloadbox
122
574
mit
10
🎯 Server Side Template Injection Payloads
web code ssti bounty source payload payloads security bugbounty injection payloadbox websecurity bugbountytips code-security security-audit source-code-analysis server-side-template-injection
Created 2020-06-27
20 commits to master branch, last one about a year ago
payloadbox
rfi-lfi-payload-list payloadbox
177
512
mit
19
🎯 RFI/LFI Payload List
lfi rfi appsec payload payloads security bugbounty bug-bounty web-hacking websecurity payload-list rfi-exploiton lfi-exploitation lfi-vulnerability security-research rfi-vulnerabillity security-researcher application-security security-researchers web-application-security
Created 2019-11-04
13 commits to master branch, last one 2 years ago
glebarez
cero glebarez
70
512
mit
9
Scrape domain names from SSL certificates of arbitrary hosts
ssl tls recon scrape websecurity domain-names
Created 2020-04-26
40 commits to master branch, last one about a year ago
flipkart-incubator
RTA flipkart-incubator
121
407
unknown
37
Red team Arsenal - An intelligent scanner to detect security vulnerabilities in company's layer 7 assets.
nessus python security websecurity security-tools
Created 2018-04-09
28 commits to master branch, last one about a year ago
WangYihang
SourceLeakHacker WangYihang
110
373
unknown
17
:bug: A multi threads web application source leak scanner
scanner webscanner websecurity hacking-tool
Created 2017-03-23
104 commits to master branch, last one 11 days ago
sqlsec
ssrf-vuls sqlsec
57
333
unknown
4
国光的手把手带你用 SSRF 打穿内网靶场源码
ssrf vulhub websecurity
Created 2021-05-09
6 commits to main branch, last one 3 years ago
knassar702
lorsrf knassar702
46
284
gpl-3.0
5
Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load :artificial_satellite: :crab:
rust ssrf fuzzing hacking blindssrf bugbounty bruteforce pentesting websecurity penetration-testing
Created 2020-06-16
93 commits to master branch, last one about a year ago
Fly-Playgroud
Boom Fly-Playgroud
17
284
other
5
Boom 是一款基于无头浏览器的智能 Web 弱口令(后台密码)爆破\检测工具
go-rod golang passwrod websecurity password-cracking-tool
Created 2023-06-15
12 commits to main branch, last one 25 days ago
DontPanicO
jwtXploiter DontPanicO
30
261
gpl-3.0
7
A tool to test security of json web token
ctf jku jwt jwks pentest security ctf-tools pentesting jwt-cracker jwt-exploit websecurity jsonwebtoken jwt-security pentest-tool x5u-injection security-tools pentesting-tools penetration-testing penetration-testing-tools
Created 2020-11-15
238 commits to main branch, last one 3 years ago
VainlyStrain
Vailyn VainlyStrain
24
192
gpl-3.0
7
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
lfi rce websec security takeover lfi-shells pentesting websecurity exploitation pentest-tool filter-evasion path-traversal information-leak lfi-exploitation directory-traversal penetration-testing local-file-inclusion vulnerability-scanners vulnerability-detection vulnerability-assessment
Created 2020-04-19
410 commits to master branch, last one 2 years ago
Mehdi0x90
Web_Hacking Mehdi0x90
31
191
unknown
1
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
owasp recon bypass exploit hacking pentest redteam payloads security bugbounty cheatsheet webhacking api-pentest enumeration websecurity api-security vulnerability bug-bounty-hunters penetration-testing web-application-security
Created 2023-08-18
203 commits to main branch, last one a day ago
payloadbox
csv-injection-payloads payloadbox
71
170
mit
7
🎯 CSV Injection Payloads
csv websec payload payloads security bugbounty bug-bounty payloadbox csv-exploit csv-payload websecurity csv-payloads bugbountytips code-security csv-injection
Created 2020-06-27
8 commits to master branch, last one 11 months ago
bhavesh-pardhi
Wordlist-Hub bhavesh-pardhi
14
137
mit
2
Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiast...
security wordlist brute-force bug-hunting websecurity allwordlists cybersecurity ethical-hacking bugbounty-wordlist webapplicationhacking webapplicationsecurity
Created 2023-08-22
9 commits to main branch, last one 14 days ago
security-prince
Resources-for-Application-Security security-prince
25
128
unknown
9
Some good resources for getting started with application security
ctf owasp appsec websec infosec web-hacking websecurity php-security appsec-tutorials infosec-reference application-security security-engineering websecurity-reference
Created 2018-08-27
44 commits to master branch, last one 3 years ago
dubs3c
Injectus dubs3c
29
108
gpl-3.0
7
CRLF and open redirect fuzzer
python scanner websecurity crlf-injection open-redirect-injection
This repository has been archived (exclude archived)
Created 2020-01-03
12 commits to master branch, last one 2 years ago
Probely
security_checklist Probely
18
108
unknown
15
Web Application Security Checklist
web security checklist prevention websecurity vulnerability
Created 2018-11-04
19 commits to master branch, last one 3 years ago