Jayway's repositories
Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
pentest-guide
Penetration tests cases, resources and guidelines.
BurpJSLinkFinder
Burp Extension for a passive scanning JS files for endpoint links.
security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Decoder-Improved
Improved decoder for Burp Suite
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
Emergency-Response-Notes
应急响应实战笔记,一个安全工程师的自我修养。
xless
The Serverless Blind XSS App
AwesomeXSS
Awesome XSS stuff
jQuery-File-Upload
File Upload widget with multiple file selection, drag&drop support, progress bar, validation and preview images, audio and video for jQuery. Supports cross-domain, chunked and resumable file uploads. Works with any server-side platform (Google App Engine, PHP, Python, Ruby on Rails, Java, etc.) that supports standard HTML form file uploads.
argumentinjectionhammer
A Burp Extension designed to identify argument injection vulnerabilities.
burp-vulners-scanner
Vulnerability scanner based on vulners.com search API
BurpSuiteLoggerPlusPlus
Burp Suite Logger++: Log activities of all the tools in Burp Suite
Pentest
tools
scan-check-builder
Burp Bounty is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
gopkg
example for the go pkg's function
Autorize
Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
webshell
入侵分析时发现的Webshell后门
upload-scanner
HTTP file upload scanner for Burp Proxy
SSRF-Testing
SSRF (Server Side Request Forgery) testing resources
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
awesome-incident-response
A curated list of tools for incident response
Webshell-Sniper
:hammer: Manage your website via terminal
ssrf-playground
A playground to practice SSRF Attacks against web apps
hexo-theme-archer
:dart: a smart and modern theme for Hexo
nightmare
A distributed fuzzing testing suite with web administration
sqli-py
SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.