Trending repositories for topic web-security
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🛡️ Open-source and next-generation Web Application Firewall (WAF)
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
A list of resources for those interested in getting started in bug bounties
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directl...
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
Source code for Hacker101.com - a free online web and mobile security class.
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directl...
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
🛡️ Open-source and next-generation Web Application Firewall (WAF)
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
A list of resources for those interested in getting started in bug bounties
Source code for Hacker101.com - a free online web and mobile security class.
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
🛡️ Open-source and next-generation Web Application Firewall (WAF)
A list of resources for those interested in getting started in bug bounties
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
This repo contains a complete guidance for Frontend Interview Preparation.
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directl...
A Huge Learning Resources with Labs For Offensive Security Players
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
This repo contains a complete guidance for Frontend Interview Preparation.
🛡️ Open-source and next-generation Web Application Firewall (WAF)
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directl...
🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
A Huge Learning Resources with Labs For Offensive Security Players
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
🛡️ Open-source and next-generation Web Application Firewall (WAF)
A list of resources for those interested in getting started in bug bounties
This repo contains a complete guidance for Frontend Interview Preparation.
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
Source code for Hacker101.com - a free online web and mobile security class.
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
This repo contains a complete guidance for Frontend Interview Preparation.
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
A simple PHP application to learn SQL Injection detection and exploitation techniques.
Safeguard your online experience with Anti-Phishing Extension! This extension is meticulously developed to protect users from potential phishing attacks by actively scanning the websites visited in re...
恶意IP全自动封禁平台。支持收集如下安全设备告警:长亭WAF社区版(SafeLine)、微步蜜罐HFish、奇安信天眼、奇安信椒图、绿盟WAF、科来网络安全分析审计系统。支持如下设备联动封禁:RouterOS、OPNsense、CheckPoint、旁路阻断(无需设备配合)、奇安信防火墙
📚 An ultimate collection wordlists of the best-known CMS
Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 基于 ANTLR 实现语法分析和完整的 XRAY YAML 规则实现 | 简单的启动参数 | 包含多种反连可用 | 可执行文件体积仅 2 MB
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
恶意IP全自动封禁平台。支持收集如下安全设备告警:长亭WAF社区版(SafeLine)、微步蜜罐HFish、奇安信天眼、奇安信椒图、绿盟WAF、科来网络安全分析审计系统。支持如下设备联动封禁:RouterOS、OPNsense、CheckPoint、旁路阻断(无需设备配合)、奇安信防火墙
Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | 基于 XRAY YAML 规则的超轻量快速漏洞扫描引擎 | 基于 ANTLR 实现语法分析和完整的 XRAY YAML 规则实现 | 简单的启动参数 | 包含多种反连可用 | 可执行文件体积仅 2 MB
Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
AIHTTPAnalyzer revolutionizes web application security testing by bringing artificial intelligence capabilities to Burp Suite. This innovative extension harnesses the power of AI to automate vulnerabi...
A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network configurations across your infrastructure.
CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
🛡️ Open-source and next-generation Web Application Firewall (WAF)
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and ...
A list of resources for those interested in getting started in bug bounties
DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Source code for Hacker101.com - a free online web and mobile security class.
A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
This repo contains a complete guidance for Frontend Interview Preparation.
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
TangGo测试平台是无糖信息技术有限公司集多年渗透测试实战经验设计和开发的国产化综合性测试平台,为软件测试、网络安全从业人员提供强大且易用的测试工具及多人协同的工作环境,主要用于Web站点的功能测试、安全测试和安全评估。
Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites
A fast, customizable service detection tool powered by a flexible fingerprint system. It helps you identify services, APIs, and network configurations across your infrastructure.
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.
Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
Caddy WAF (Regex Rules, IP and DNS filtering, Rate Limiting, GeoIP, Tor, Anomaly Detection)
This repo contains a complete guidance for Frontend Interview Preparation.
🛡️ Open-source and next-generation Web Application Firewall (WAF)
SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester cred...
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.