There are 85 repositories under web-hacking topic.
A collection of hacking tools, resources and references to practice ethical hacking.
A list of web application security
Next generation web scanner
Study Notes For Web Hacking / Web安全学习笔记
一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具,可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如:Title、Domain、CDN、指纹信息、状态信息等。
All-in-One Hacking Tools For Hackers! And more hacking tools! For termux.
😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
🎯 PHP / ASP - Shell Backdoor List 🎯
🎯 RFI/LFI Payload List
DNS Rebinding Exploitation Framework
Hacking systems with the automation of PasteJacking attacks.
SQL Injection Vulnerability Scanner made with Python
Fast Modular Web Interfaces Bruteforcer
A collection of awesome platforms, blogs, documents, books, resources and cool stuff about security
A web hacking toolkit (docker image).
Some good resources for getting started with application security
This is a simple python tool to automatically deface webdav vulnerable websites.
A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from books, videos, articles and own experience with bug bounty hunting / web and network hacking
LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.
v1ew-s0urce a recon tool built by the 5/9Dark team.
A list of web application security
A Router WiFi key recovery/cracking tool with a twist.
Deploy your own lab of web application penetration testing with docker and docker-compose, webgoat, dvwap, bwapp and Juice Shop
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
About All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
本项目通过大模型联动爬虫,检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目,并自动识别项目的目录结构、Readme信息后进行总结分析并分类,所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。
Fssociety Hacking Tools Pack. A Penetration Testing Framework, you will have every script that a hacker needs. This is a top hidden tool modified by AbirHasan2005. Don't share much.