codingo / NoSQLMap

Star

Automated NoSQL database enumeration and web application exploitation tool.

couchdb redis security-audit mongodb nosql scanner hacking databases enumeration penetration-testing nosql-databases sql-injection bugbounty mongodb-database offensive-security hacktoberfest hacking-tool security-tools web-application-security security-toolset

Updated Jul 27, 2020
Python

owtf / owtf

Star

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp

python linux security nist framework passive mozilla traffic owasp pentest impact kali-linux owtf semi-passive web-application-security

Updated Nov 23, 2020
Python

0xInfection / TIDoS-Framework

Star

The Offensive Manual Web Application Penetration Testing Framework.

osint enumeration highlight scanning exploitation vulnerability-detection web-penetration-testing intelligence-gathering web-application-security comprehensive-web reconnaissance footprinting vulnerability-analysis comprehensive web-fuzzer scanning-enumeration tidos-framework

Updated Nov 4, 2020
Python

Janusec / janusec

Star

Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关，提供快速、安全的应用交付。

go golang security gateway waf xss reverse-proxy sql-injection application-security web-application-firewall port-forwarding web-console web-application-security web-ssh application-gateway load-balance cc-attack-defense sensitive-data-leakage janusec-application-gateway janusec

Updated Nov 22, 2020
Go

codingo / VHostScan

Star

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

security security-audit scanner hacking penetration-testing bugbounty vhost vhosts offensive-security virtual-hosts hacking-tool discovery-service ctf-tools reverse-lookups security-tools web-application-security oscp penetration-test hackthebox virtual-host

Updated Sep 1, 2020
Python

gildasio / h2t

Star

h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply

http security hardening headers defense web-application-security

Updated Nov 16, 2020
Python

Anon-Exploiter / SiteBroker

Star

A cross-platform python based utility for information gathering and penetration testing automation!

python docker-image penetration-testing information-gathering web-application-security wapt cross-platform-python penetration-automation

Updated Oct 20, 2020
Python

security-checklist / php-security-check-list

Star

PHP Security Check List [ EN ] 🌋 ☣️

php checklist security security-audit php-library php-framework web-application php-security bugbounty web-application-framework security-checklist web-application-security security-testing php-security-checker webapplication security-research security-researcher

Updated Jan 13, 2020

payloadbox / xxe-injection-payload-list

Star

🎯 XML External Entity (XXE) Injection Payload List

Updated Jan 6, 2020

codingo / crithit

Star

Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.

security security-audit hacking enumeration penetration-testing infosec pentesting security-vulnerability bugbounty offensive-security hacking-tool security-tools web-application-security pentest-tools

Updated Mar 31, 2020
Makefile

payloadbox / rfi-lfi-payload-list

Star

🎯 RFI/LFI Payload List

security bug-bounty application-security bugbounty appsec payload payloads lfi rfi web-hacking websecurity web-application-security security-research security-researcher lfi-exploitation payload-list lfi-vulnerability security-researchers rfi-exploiton rfi-vulnerabillity

Updated Oct 1, 2020

tprynn / web-methodology

Star

Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki

security documentation web web-application application-security appsec web-application-security security-testing

Updated Sep 23, 2020

sqreen / go-agent

Star

Sqreen's Application Security Management for the Go language

agent golang security protection waf owasp instrumentation scans attacks web-application-security rasp sqreen microservices-security security-agent

Updated Nov 26, 2020
Go

VainlyStrain / Vaile

Star

Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)

osint scanner python3 enumeration pentesting scanning exploitation exploitation-framework vulnerability-scanners webappsec web-pentest web-application-security reconnaissance pentest-tool vulnerability-analysis penetration-testing-framework information-disclosure tidos-framework

Updated Apr 12, 2020
Python

oshp / headers

Star

An application to catch, search and analyze HTTP secure headers.

python security owasp defense web-application-security

Updated Oct 21, 2019
Python

ax330d / pvt

Star

PHP extension for web-application dynamic analysis.

php extension web-application-security

Updated Sep 21, 2018
C

bkimminich / webappsec-nutshell

Star

An ultra-compact intro (or refresher) to Web Application Security.

security owasp application-security training-materials web-application-security security-awareness

Updated Feb 15, 2018
JavaScript

AhmedConstant / lazyGrandma

Star

a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves

bash sell google-dorks information-gathering web-application-security bug-hunting reconnaissance http-headers subdomain-enumeration github-dorks web-application-security-scanner

Updated Sep 19, 2019
Shell

roottusk / xforwardy

Star

Host Header Injection Scanner

hacking bug-bounty hacktoberfest security-tools web-application-security vulnerability-scanner host-header-manipulation hacktoberfest2020 host-header-injection

Updated Oct 27, 2020
Python

Janusec / janusec-admin

Star

The Unified Web Administration Portal for Janusec Application Gateway (an application security solution which provides Web Application Firewall, unified web administration portal, private key protection, web routing and scalable load balancing).

waf web-application-firewall web-application-security application-gateway gateway-waf

Updated Nov 22, 2020
TypeScript

binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle1

Star

📚 VPS 🔒 Network 🔒 Cloud 🔒 Web Applications 📚

tls ssh security devops security-audit cloud books book network vps hacking webapp network-security web-application-security devsecops vps-security cloud-security security-review security-testing

Updated Aug 2, 2019

vs4vijay / MultiScanner

Star

Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.

cli security-audit zap owasp application-security security-vulnerability openvas owasp-zap security-scanner nexpose security-tools web-application-security security-testing owasp-top openvas-cli openvas-reports

Updated Nov 19, 2020
Python

kaiiyer / web-app-pentesting

Star

Web Application Penetration Testing tools and Materials for Ethical Hackers.

python bruteforce wordlist penetration-testing scanning hacktoberfest web-application-security hacktoberfest2019 brutef-xss

Updated Dec 11, 2019
Python

MrM8BRH / SuperLibrary

Star

Information Security Library

Updated Sep 30, 2020

f5devcentral / f5-agility-labs-waf

Star

F5 Agility Labs for Web Application Firewall Use Cases

security documentation http-proxy application-security training-labs web-application-firewall ddos-mitigation web-application-security f5-agility-labs f5-asm

Updated Oct 7, 2020
Shell

binarymist / dockersecurity-quickreference

Star

📚 🐳 For DevOps Engineers 🐳 📚

linux docker security devops books book infosec application-security cgroups volumes capabilities namespaces seccomp information-security web-application-security devsecops lsm docker-security control-groups

Updated Feb 10, 2019

DanaEpp / CodeArgos

Star

A python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application.

security-audit penetration-testing bug-bounty pentesting bugbounty offensive-security security-tools web-application-security pentesting-tools

Updated Jul 27, 2020
Python

FOGSEC / awesome-web-security

Star

🐶 A curated list of Web Security materials and resources.

shell aws csv sql orm ftp css-animations web-app xss web-application recon modsecurity ssrf web-application-security xxe command-injection sub-domain-enumeration header-injection

Updated Jan 2, 2018

sqreen / sqreen-dotnet

Star

.NET packages for using Sqreen

agent security web-application-security sqreen security-agent

Updated Jan 21, 2020
C#

fionn / http-request-smuggling

Star

HTTP request smuggling examples

web-application-security http-request-smuggling desync-attack

Updated Sep 25, 2019
Shell

web-application-security

Here are 49 public repositories matching this topic...

codingo / NoSQLMap

owtf / owtf

0xInfection / TIDoS-Framework

Janusec / janusec

codingo / VHostScan

gildasio / h2t

Anon-Exploiter / SiteBroker

security-checklist / php-security-check-list

payloadbox / xxe-injection-payload-list

codingo / crithit

payloadbox / rfi-lfi-payload-list

tprynn / web-methodology

sqreen / go-agent

VainlyStrain / Vaile

oshp / headers

ax330d / pvt

bkimminich / webappsec-nutshell

AhmedConstant / lazyGrandma

roottusk / xforwardy

Janusec / janusec-admin

binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle1

vs4vijay / MultiScanner

kaiiyer / web-app-pentesting

MrM8BRH / SuperLibrary

f5devcentral / f5-agility-labs-waf

binarymist / dockersecurity-quickreference

DanaEpp / CodeArgos

FOGSEC / awesome-web-security

sqreen / sqreen-dotnet

fionn / http-request-smuggling

Improve this page

Add this topic to your repo

Oct	NOV	Dec
	26
2019	2020	2021

web-application-security

Here are 49 public repositories matching this topic...

codingo / NoSQLMap

owtf / owtf

0xInfection / TIDoS-Framework

Janusec / janusec

codingo / VHostScan

gildasio / h2t

Anon-Exploiter / SiteBroker

security-checklist / php-security-check-list

payloadbox / xxe-injection-payload-list

codingo / crithit

payloadbox / rfi-lfi-payload-list

tprynn / web-methodology

sqreen / go-agent

VainlyStrain / Vaile

oshp / headers

ax330d / pvt

bkimminich / webappsec-nutshell

AhmedConstant / lazyGrandma

roottusk / xforwardy

Janusec / janusec-admin

binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle1

vs4vijay / MultiScanner

kaiiyer / web-app-pentesting

MrM8BRH / SuperLibrary

f5devcentral / f5-agility-labs-waf

binarymist / dockersecurity-quickreference

DanaEpp / CodeArgos

FOGSEC / awesome-web-security

sqreen / sqreen-dotnet

fionn / http-request-smuggling

Improve this page

Add this topic to your repo

Essential cookies

Always active

Analytics cookies