There are 20 repositories under web-application-security topic.
The Offensive Manual Web Application Penetration Testing Framework.
JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。
🎯 XML External Entity (XXE) Injection Payload List
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
🎯 RFI/LFI Payload List
A cross-platform python based utility for information gathering and penetration testing automation!
Second-order subdomain takeover scanner
PHP Security Check List [ EN ] 🌋 ☣️
A Security Tool for Enumerating WebSockets
A bash and powershell script to download the latest version of Burp-Suite Professional and use it for free.
Awesome information for WebSockets security research
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Information Security Library
Bypass 403
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
a shell script aim to automatically launch 50+ online web scanning tools in the Browsaer against a target domain in a 10 waves
List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity
This project is a personal learning, so you will find errors or disorganization, so if you find anything wrong, please let me know :)
Juniper Firewalls CVE-2023-36845 - RCE
Security Tool which scans a target using OpenVAS, Zap, and Nexpose. And consolidates the scan result.
🔐 teler Proxy enabling seamless integration with teler WAF 🛡️ to protect locally running web service against a web-based attacks. 🥷
An ultra-compact intro (or refresher) to Web Application Security.