web-hacking

There are 105 repositories under web-hacking topic.

• sundowndev / hacker-roadmap

  A collection of hacking tools, resources and references to practice ethical hacking.

  hackinghacking-toolpenetration-testingroadmapframeworkshacktoolspentestweb-hackingexploitationpost-exploitationinformation-gatheringpentestingsecurity
  14756

• Manisso / fsociety

  fsociety Hacking Tools Pack – A Penetration Testing Framework

  fsocietyexploitationport-scanningfsociety-hackingpost-exploitationweb-hackingpythoninformation-gatheringfinderdesktoppenetration-testing-frameworknetworkbrute-force-attacks
  Language:Python 11633

• infoslack / awesome-web-hacking

  A list of web application security

  appsechackinghacking-toolsmetasploitowasppenetration-testingpentestingscannersecurityvulnerabilitiesvulnerabilityweb-hackingweb-security
  6525

• urbanadventurer / WhatWeb

  Next generation web scanner

  application-securityappsechackinghacking-toolskali-linuxnetwork-securityowasppenetration-testpenetration-testingpenetration-testing-toolspentestpentestingpentesting-toolsreconrubyscannersecuritysecurity-toolswebweb-hacking
  Language:Ruby 6165

• LyleMi / Learn-Web-Hacking

  Study Notes For Web Hacking / Web安全学习笔记

  web-hackingstudy-noteshackingpentestingsecuritypenetration-testing
  Language:Python 5100
• AllHackingTools

  mishakorzik / AllHackingTools

  All-in-One Hacking Tools For Hackers! And more hacking tools! For termux.

  all-in-onebruteforcecibersecurityctf-toolsddos-attackshackinghacking-toolpackagespassword-attackpenetration-testingprogrammingsms-bombertermuxtermux-hackingtermux-tooltoolsweb-hackingwireless-attacksxss-attacksxss-detection
  Language:Shell 4711

• kelvinBen / AppInfoScanner

  一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速收集到移动端或者静态WEB站点中关键的资产信息并提供基本的信息输出,如：Title、Domain、CDN、指纹信息、状态信息等。

  securitypython3toolsapkapk-dexandroidipascannerweb-hackingsecurity-toolshackinghacking-toolpenetration-testing-toolspenetration-testnetwork-security
  Language:Python 3461

• husnainfareed / awesome-ethical-hacking-resources

  😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.

  penetration-testinghackinglearning-hackingweb-hackingvulnerable-applicationsresourceshacktoberfestawesomeawesome-listctfowaspethical-hackinghacking-resources
  3143
• phpsploit

  nil0x42 / phpsploit

  Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

  post-exploitationhackingbackdoorstealthhacktoolblackhatprivilege-escalationphp-backdoorhacking-frameworkwebshelladvanced-persistent-threatredteamc2command-and-controlphp-webshellphp-webshell-backdoorpersistenceweb-hacking
  Language:Python 2396

• koutto / jok3r

  Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

  toolboxpentestautomationnetworkweb-hackingtoolbox-managementhacking-toolhackingsecuritysecurity-auditsecurity-toolsvulnerability-scannersexploiting-vulnerabilitiesdockerframeworkscan-toolscannerautomation-framework
  Language:HTML 1068

• backdoorhub / shell-backdoor-list

  🎯 PHP / ASP - Shell Backdoor List 🎯

  shellbackdoorshell-backdoorweb-shellhackinghackingcodeweb-hackingr57c99b374kkacakwebhackwebsecurityweb-securitywsophpphp-backdoorasp-netasp-backdoor
  Language:PHP 768

• r3curs1v3-pr0xy / vajra

  Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.

  bug-bountyhackinginformation-gatheringosintpentest-toolpentestingreconscannervajraweb-hacking
  Language:JavaScript 706

• payloadbox / rfi-lfi-payload-list

  🎯 RFI/LFI Payload List

  rfilfirfi-exploitonlfi-exploitationlfi-vulnerabilityrfi-vulnerabillitywebsecurityappsecapplication-securityweb-application-securitypayloadpayloadspayload-listbugbountybug-bountysecuritysecurity-researchsecurity-researchersecurity-researchersweb-hacking
  628

• FSecureLABS / dref

  DNS Rebinding Exploitation Framework

  dns-rebindingred-teamhackingweb-hackingbrowser-hackingpentestingiotiot-securityiot-security-testing
  Language:JavaScript 493

• D4Vinci / PasteJacker

  Hacking systems with the automation of PasteJacking attacks.

  msfvenomlinermetasploit-web-deliverylinuxhacking-toolsocial-engineering-attackspastejackingmetasploitwindows-hackingweb-hacking
  Language:Python 401

• americo / sqlifinder

  SQL Injection Vulnerability Scanner made with Python

  hackingscannersecuritysqlsql-injectionsql-injection-attacksvulnerabilityweb-hacking
  Language:Python 369

• koutto / web-brutator

  Fast Modular Web Interfaces Bruteforcer

  pentestpentestingweb-hackinghackinghacking-toolbruteforcebrute-forcebruteforce-attacksapplication-serverscms
  Language:Python 228
• awesome-cybersec

  dhotrey / awesome-cybersec

  A collection of awesome platforms, blogs, documents, books, resources and cool stuff about security

  bounty-huntersbug-bountiesbug-huntersbugbountyctfhackingowasppenetration-testingweb-hacking
  189
• white-deface

  whxitte / white-deface

  This is a simple python tool to automatically deface webdav vulnerable websites.

  defacedeface-toolsdeface-websitedefacementdefacerhackingtermux-toolweb-defaceweb-hackingwebsite-defacewebsite-deface-toolwebsite-defacementwebsite-hackwebsite-hackingwhite-deface
  Language:Python 164

• security-prince / Resources-for-Application-Security

  Some good resources for getting started with application security

  appsecappsec-tutorialswebsecuritywebsecurity-referencewebsecinfosecinfosec-referenceowaspapplication-securityweb-hackingphp-securityctfsecurity-engineering
  142

• xu-xiang / awesome-security-vul-llm

  本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自动识别项目的目录结构、Readme信息后进行总结分析并分类，所汇总的项目可以帮助安全行业从业者收集漏洞信息、POC信息、规则等。

  appsecawesomeawesome-listexphackinghacking-toolslangchainllmmetasploitowasppenetration-testingpentestingpocscannersecurityvulnerabilitiesvulnerabilityweb-hackingweb-securityai
  142

• serain / netmap.js

  Fast browser-based network discovery module

  browser-hackinghackingpentestingred-teamweb-hacking
  Language:JavaScript 115

• kostas-pa / LFITester

  LFITester is a Python3 program that automates the detection and exploitation of Local File Inclusion (LFI) vulnerabilities on a server.

  pythonlfi-detectionpentest-toolexploitationcybersecuritypenetration-testing-toolslfi-exploitationlfi-vulnerabilitycrawlerhackinglfibugbountyenumerationfuzzingweb-hackingwebhackingpenetration-testingpentesting
  Language:Python 110

• domssilva / vulnsearch

  A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from books, videos, articles and own experience with bug bounty hunting / web and network hacking

  websecurityethical-hackingweb-hackingbug-bountybugbounty
  Language:JavaScript 107

• latestalexey / awesome-web-hacking

  A list of web application security

  penetration-testingweb-hackingvulnerabilitiesscannerhackinghacking-toolsmetasploitweb-security
  94

• k0r0pt / Project-Tauro

  A Router WiFi key recovery/cracking tool with a twist.

  wireless-securitywireless-hackingwifi-securitywifi-settingswifi-hackingrouter-hackingrouter-exploitation-frameworkweb-scraperweb-scrapingweb-securityweb-scannerrouter-scraperk0r0pthackinghacking-toolnetwork-securitynetwork-scannerweb-hacking
  Language:Java 93

• CRO-THEHACKER / v1ew-s0urce

  v1ew-s0urce a recon tool built by the 5/9Dark team.

  hackingnetworkingnetwork-toolspythonpython3desktoppenetration-testingpentestingfsociety-hackingmrrobotports-scanexploitationweb-hackingdiscordinformation-gathering
  Language:Python 91

• MoisesTapia / TWAPT

  Deploy your own lab of web application penetration testing with docker and docker-compose, webgoat, dvwap, bwapp and Juice Shop

  docker-composedockerwebweb-hackingpentestinghackinghacking-toolsoscpwebapphacking-toolweb-hackathonpenetration-testingrailsgoatwebgoatbwappjuice-shop
  75

• naimkowshik / LBFH

  About All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers

  address-wlan0nmap-cmddiscoveryip-mac-mask-broadcasnmap-portos-detectionpasswordhash-identifierweb-hackingxss-toolkitexploitationsqlmapfsocietycommixbettercapopen-sources
  Language:Python 69

• nuts7 / CVE-2023-27372

  SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.

  cvedeserializationexploitnucleinuclei-templatesphppocrceremote-code-executionspipvulnerabilityweb-hackingcve-2023-27372cve2023
  Language:Python 65

• xadhrit / xira

  xss vulnerability scanner and input fuzzing tool.

  pentesting-toolsweb-hackingcross-site-scriptingvulnerability-scannerspython3
  Language:Python 63

• Reven8e / multitool

  Simple Penetration Testing Multitool For Beginners.

  hacking-toolethical-hackinghackingpython-hackingpython3multitoolpython-scriptingpython-scriptpentestingpentesting-toolspython-pentestpython-beginnersweb-hackingport-scannernetworknetwork-tools
  Language:Python 62

• AbirHasan2005 / fsociety

  Fssociety Hacking Tools Pack. A Penetration Testing Framework, you will have every script that a hacker needs. This is a top hidden tool modified by AbirHasan2005. Don't share much.

  fsocietyweb-hackingexploitation
  Language:Python 50
• h4ck

  fagci / h4ck

  Hacking tools. IP fortune, webmap -- web vulns scanner, rtsp brute+fuzz, and more.

  h4ckfuzzbrute-forcehacking-toolsrtspweb-hackingwebmapfortune-rtsp
  Language:Python 44
• witchcraft

  cosmic-zip / witchcraft

  WITCHCRAFT is a cyberdeck toolkit built for runners who dive deep into the mesh. It’s your all-in-one rig for data-ghosting, ICE-breaking, and corp-system infiltration. Whether you’re running forensic traces, scraping OSINT feeds, or slicing through firewalls, WITCHCRAFT’s got your back.

  bluetoothcybersecurityhackinghacking-toollinuxpentestingpentetsingreverse-engineeringrustweb-hackingwirelesswireless-hackingwitch-craft
  Language:Rust 43

• SadeghHayeri / LoL-Hacking

  My Hacking Activities!

  hacksecuritycasut-cashackingweb-hackingsecurity-testing
  Language:Python 37