There are 4 repositories under webappsec topic.
Making Favicon.ico based Recon Great again !
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
OWASP Code Review Guide Web Repository
Batch file to launch activated BurpSuit in Windows 10/ 11
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
The OWASP Vulnerable Web Applications Directory (VWAD) Project - OWASP Web Site
ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & stuffs helpful for Web Application Penetration Testing. By @ScriptKKiddie
Continuation of the ZAP Neonmarker add-on previously by Juha Kivekäs
A curated list of tools which you can use in Infosec!
:zap: Conduct attacks based on information gathered from the OWASP ZAP API
Analyzes and fuzzes requests that are stored in Burp Suite's history
Things to do while Hacking/Hunting in Web Applications
web application penetration testing and security notes.
OWASP Foundation Web Respository for the Ottawa Ontario Chapter
Enter your domain in the search box to get Docks (Google, Shodan and Github) for bug bounty
portProbe is a tool designed to efficiently probe for open ports. It will take both IP Address and Subdomains.
Approov API Threat protection integration with FingerprintJS for Web Apps
Approov API Threat Protection integration with Google reCAPTCHA V3 for Web Apps
Approov API Threat Protection integration with hCaptcha for Web Apps
Tool designed to find location of newly uploaded file when not given by the website.
Go Web Auth Checker (gowac) can be used to discover URLs that have access control issues