Topic: web-security Goto Github

Some thing interesting about web-security

👇 Here are 422 public repositories matching this topic...

0x4d31 / burpa

web-security,Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

User: 0x4d31

automation burp burpsuite devops python security security-automation security-scanner security-tools web-security

0xsobky / hackvault

web-security,A container repository for my public web hacks!

User: 0xsobky

payloads web-security pentesting tracking fuzzing regex reconnaissance xss exploit

4ra1n / mysql-fake-server

web-security,MySQL Fake Server (纯Java实现，支持GUI版和命令行版，提供Dockerfile，支持多种常见JDBC利用)

User: 4ra1n

jdbc mysql fake-server vulnerability web-security

4ra1n / super-xray

web-security,Web漏洞扫描工具XRAY的GUI启动器

User: 4ra1n

Home Page: https://github.com/chaitin/xray

vulnerability-scanners web-security

backdoorhub / shell-backdoor-list

web-security,🎯 PHP / ASP - Shell Backdoor List 🎯

Organization: backdoorhub

asp-backdoor asp-net b374k backdoor c99 hack hacking hackingcode kacak php php-backdoor r57 shell shell-backdoor web web-hacking web-security web-shell websecurity wso

blst-security / cherrybomb

web-security,Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Organization: blst-security

Home Page: https://www.blstsecurity.com/cherrybomb

blst firecracker cli cyber cybersecurity business-logic security-tools security api api-security

brum3ns / firefly

web-security,Black box fuzzer for web applications

User: brum3ns

bugbounty fuzz fuzzing penetration-testing pentesting security-tools fuzzer black-box-testing blackbox web-security

bunkerity / bunkerweb

web-security,🛡️ Open-source and next-generation Web Application Firewall (WAF)

Organization: bunkerity

Home Page: https://www.bunkerweb.io

nginx modsecurity docker security dnsbl reverse-proxy bunkerized-nginx hardening web-security security-tuning

burpheart / koko-moni

web-security,一个基于网络空间搜索引擎的攻击面管理平台，可定时进行资产信息爬取，及时发现新增资产，本项目聚合了 Fofa、Hunter、Quake、Zoomeye 和 Threatbook 的数据源，并对获取到的数据进行去重与清洗

User: burpheart

blueteam fofa hunter infosec pentest-tool quake redteam security security-tools threatbook web-security zoomeye easm

chaitin / safeline

web-security,serve as a reverse proxy to protect your web services from attacks and exploits.

Organization: chaitin

Home Page: https://waf.chaitin.com

api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss

chenjj / corscanner

web-security,🎯 Fast CORS misconfiguration vulnerabilities scanner

User: chenjj

Home Page: https://pypi.org/project/cors/

cors cors-misconfigurations cors-policy cors-scanner python python3 vulnerability-scanners web-security

chrispetrou / fdsploit

web-security,File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

User: chrispetrou

exploitation enumeration owasp security-tools lfi rfi directory-traversal path-traversal web-security security

cryin / javaid

web-security,java source code static code analysis and danger function identify prog

User: cryin

Home Page: https://github.com/Cryin/JavaID

java-code-audit web-security

dckc / awesome-ocap

web-security,Awesome Object Capabilities and Capability Security

User: dckc

web-security security capabilities awesome-list ocap javascript ocaps capability-based awesome

devanshbatham / favfreak

web-security,Making Favicon.ico based Recon Great again !

User: devanshbatham

bugbounty osint reconnaissance recon hacking webappsec information-gathering bughunting web-security

web-security,A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

User: dmdhrumilmistry

Home Page: http://dmdhrumilmistry.github.io/pyhtools/

python python3 hacking-tools hackingwithpython hacking telegram-hack remoteaccess hacking-tool ransomware dmdhrumilmistry

enkomio / taipan

web-security,Web application vulnerability scanner

User: enkomio

Home Page: https://taipansec.com

security-tools security-scanner security-automation web-security application-security security security-audit security-testing hacking-tool taipan

ge0rg3 / requests-ip-rotator

web-security,A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

User: ge0rg3

Home Page: https://pypi.org/project/requests-ip-rotator/

apigateway aws bugbounty bypass hacktoberfest ip networking security security-tools web-security

ghoshsuman845 / frontend-interview-preparation-kit

web-security,This repo contains a complete guidance for Frontend Interview Preparation.

User: ghoshsuman845

frontend-interview html-css-javascript reactjs frontend-interview-kit frontend-interview-preparation web-fundamentals web-security coding-questions-js machine-coding-questions machine-coding-questions-frontend

hacker0x01 / hacker101

web-security,Source code for Hacker101.com - a free online web and mobile security class.

Organization: hacker0x01

Home Page: https://www.hacker101.com

education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation

harmoc / ctftools

web-security,Personal CTF Toolkit

User: harmoc

hacking ctf-tools web-security hacking-tool

hueristiq / xurlfind3r

web-security,A command-line interface (CLI) based passive URLs discovery utility. It is designed to efficiently identify known URLs of given domains by tapping into a multitude of curated online passive sources.

Organization: hueristiq

Home Page: https://github.com/hueristiq/xurlfind3r

osint penetration-testing penetration-testing-tools bug-bounty bug-bounty-tools ethical-hacking ethical-hacking-tools osint-tools red-teaming red-teaming-tools

imayrix / fallparams

web-security,Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

User: imayrix

bug-bounty-hunters bugbounty penetration-testing pentest ssrf web-application-security web-security wordlist wordlist-generator xss

incredibleindishell / ssrf_vulnerable_lab

web-security,This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

User: incredibleindishell

Home Page: https://www.mannulinux.org

web-security ssrf attack lab exploitation server-side-request-forgery hacking

infoslack / awesome-web-hacking

web-security,A list of web application security

User: infoslack

penetration-testing web-hacking vulnerabilities scanner hacking hacking-tools metasploit web-security appsec owasp

lirantal / awesome-nodejs-security

web-security,Awesome Node.js Security resources

User: lirantal

nodejs security cybersecurity web-security owasp vulnerabilities pentest infosec hacktoberfest

lookyloo / lookyloo

web-security,Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

Organization: lookyloo

Home Page: https://www.lookyloo.eu

information-security privacy web-security dfir capture scraping lookyloo

lunasec-io / lunasec

web-security,LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Organization: lunasec-io

Home Page: https://www.lunasec.io/

tokenization web-security compliance security soc2 pci-dss gdpr zero-trust devsecops log4shell

madneal / articles-translator

web-security,:books:Translate the distinct technical blogs. Please star or watch. Welcome to join me.

User: madneal

Home Page: https://madneal.github.io/articles-translator/

article javascript vue webpack memory-management npm pwa react security css

mazen160 / jwt-pwn

web-security,Security Testing Scripts for JWT

User: mazen160

jwt-pwn jwt-cracker jwt web-security

mike-works / web-security-fundamentals

web-security,Mike North's Web Security Course

Organization: mike-works

Home Page: https://frontendmasters.com/courses/web-security/

web-security xss cors csrf clickjacking security course

mobsf / mobile-security-framework-mobsf

web-security,Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Organization: mobsf

Home Page: https://opensecurity.in

static-analysis dynamic-analysis mobsf android-security mobile-security windows-mobile-security ios-security api-testing web-security malware-analysis

multiparty / jiff

web-security,JavaScript library for building web-based applications that employ secure multi-party computation (MPC).

Organization: multiparty

Home Page: https://multiparty.org/jiff/

mpc multi-party-computation cybersecurity web-security privacy-enhancing-technologies javascript javascript-library multiparty-computation multiparty multi-party

nahamsec / resources-for-beginner-bug-bounty-hunters

web-security,A list of resources for those interested in getting started in bug bounties

User: nahamsec

bug-bounty-hunters hackers xss bug-bounty learn2hack hacking pentest web-security education ssrf bugbounty

palahsu / ddos-ripper

web-security,DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

User: palahsu

ddos-attacks ddos-tool ddos-attack-tools ddos-protection ddos ddos-attack-tool denial-of-service attack-defense deface-website hacking-tools

pushsecurity / saas-attacks

web-security,Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

Organization: pushsecurity

Home Page: https://pushsecurity.com/blog/saas-attack-techniques/

offensive-security saas web-security

qi4l / jyso

web-security,It can be either a JNDIExploit or a ysoserial.

User: qi4l

java attack jndi-injection web-security mem-shell middleware-echo jndi ldap rmi gadget

rizer0 / log-killer

web-security,Clear all your logs in [linux/windows] servers 🛡️

User: rizer0

web-security security logs hacking server-management

serain / bbrecon

web-security,Python library and CLI for the Bug Bounty Recon API

User: serain

Home Page: https://bugbountyrecon.com

hackerone bugcrowd bugbounty federacy hackenproof yeswehack bugbountytips recon web-security security

splitline / how-to-hack-websites

web-security,開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

User: splitline

ctf security web-security

tempesta-tech / tempesta

web-security,All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

Organization: tempesta-tech

Home Page: https://tempesta-tech.com/

web-application-firewall linux-kernel high-performance http-accelerator load-balancer database tls http2 security bots

tmpertor / raven-storm

web-security,Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

User: tmpertor

Home Page: https://taguar258.github.io/Raven-Storm/