websec

There are 9 repositories under websec topic.

dirhunt
Nekmo / dirhunt
Find web directories without bruteforce
pentesting security security-tools websec python dirscanner without-bruteforce crawler
Language:Python 1733
devploit / nomore403
Tool to bypass 403/40X response codes.
waf-bypass pentesting websec bugbounty ctf 403 403-bypass bypass
Language:Go 1054
deibit / cansina
Web Content Discovery Tool
python pentesting security-audit websec
Language:Python 878
security-prince / Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
security-engineer-interview webappsec appsec devsecops infosec application-security vulnerability sdlc xss interview-questions security-team websecurity websec websecurity-reference security-engineering
628
l4wio / CTF-challenges-by-me
Pwnable|Web Security|Cryptography CTF-style challenges
ctf-challenges ctf pwnable websec cryptography ctf-writeups
Language:CSS 396
rescope
root4loot / rescope
A scope generation tool for Burp Suite & ZAP
security-tools websec bugbounty pentesting burp burpsuite zap enumeration go security infosec golang scope
Language:Go 314
devploit / XORpass
Encoder to bypass WAF filters using XOR operations.
php xor websec pentesting waf-bypass bugbounty
Language:Python 250
devploit / debugHunter
Discover hidden debugging parameters and uncover web application secrets
bugbounty ctf pentesting websec
Language:JavaScript 223
Vailyn
VainlyStrain / Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
websecurity information-leak exploitation vulnerability-scanners directory-traversal path-traversal pentest-tool websec vulnerability-assessment penetration-testing filter-evasion vulnerability-detection pentesting lfi lfi-shells lfi-exploitation security local-file-inclusion rce takeover
Language:Python 192
payloadbox / csv-injection-payloads
🎯 CSV Injection Payloads
csv-injection csv csv-exploit csv-payload csv-payloads websecurity websec bugbounty bug-bounty bugbountytips code-security security payload payloads payloadbox
176
payloadbox / directory-payload-list
🎯 Directory Payload List
payloadbox directory directory-payload directory-list payload-list payload payloads fuzzing fuzz fuzz-testing bugbounty bug-bounty websecurity websec websecurity-reference web-security web-security-research web-secure awesome awesome-list
140
security-prince / Resources-for-Application-Security
Some good resources for getting started with application security
appsec appsec-tutorials websecurity websecurity-reference websec infosec infosec-reference owasp application-security web-hacking php-security ctf security-engineering
131
devploit / put2win
Script to automate PUT HTTP method exploitation to get shell
bash websec pentesting
Language:Shell 124
tyki6 / MyJWT
A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
pentesting security security-tools python jwt jsonwebtoken websec cli rawsec ctf pentest pypi blackarch blackarch-packages rootme root-me
Language:Python 107
gbiagomba / Sherlock
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
cyber-security cybersecurity red-team red-team-engagement red-teaming redteam redteaming security security-audit security-automation security-scanner security-team security-testing security-tools sherlock web-sec-scanner web-security websec websecurity
Language:Shell 83
rastating / xss-chef
A web application for generating custom XSS payloads
javascript react xss xss-exploitation xss-exploit penetration-testing security websec
Language:JavaScript 75
ostrio
veliovgroup / ostrio
▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON
monitoring analytics prerender prerendering crawlable webcron protection websecurity websec web-analytics web-cron spiderable
62
netizenship
rahulrajpl / netizenship
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
cybersecurity osint-python information-retrieval information-gathering information-security infosec websecurity websec
Language:Python 48
SecuringTheStack / tutorials
Additional Resources For Securing The Stack Tutorials
tutorials infosec cybersecurity secure-coding appsec websec appsec-tutorials owasp
Language:JavaScript 38
hacker-scoper
ItsIgnacioPortal / hacker-scoper
Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.
bugbounty scopes filter recon infosec enumeration go golang pentesting security security-tools websec websecurity bugcrowd hackerone
Language:Go 24
ducdatdau / Writeups
writeups/solvers for CTF challenges
cryptography ctf pwnable reverse-engineering websec
Language:Python 9
foospidy / sigsci-power-rules
Rule packs for Signal Sciences power rules platform.
signalsciences rules powerrules websecurity websec appsec sigsci signal-sciences signal-sciences-api
Language:Shell 5
t0nyc23 / condi
Content Discovery/Directory Brute-forcing using Python3
bruteforce bugbounty recon websec python3-recon
Language:Python 3
VulnCode1337 / VulnCode
VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.
source-code-analysis websec burpsuite-pro express security-vulnerability vulnerability-research cpp csharp golang java php python ruby
Language:PowerShell 3
alessiovierti / blindpie
Automatically exploit time-based blind SQL injection vulnerabilities
blind-sql-injection cybersecurity exploit python sql-injection sqli time-based-blind-sql-injection websec websecurity
Language:Python 2
Drayko / Web-Elements-List
Lists of elements that compose HTML and SVG structure to fuzz in security testing checks
html svg security websecurity websec tags attributes eventhandlers
2
Az3z3l / Az3z3l.github.io
The B.L.O.G experiment
blog websec
Language:HTML 1
Az3z3l / webXtools
A collection of often-used scripts and tools
toolkit websec ctf
Language:Python 1
DarkPurple141 / xss-test
A utility to test the success of xss payloads on a target website. Use responsibly.
security websec tools pentesting penetration-testing python3 xss xss-exploitation
Language:Python 1
dkasak / relative-urls
Extract endpoints from stdin or files.
python url endpoint extraction pentesting security bug-hunting bug-bounty websec
Language:Python 1
Kaiser784 / Web-sec-challenges
A collection of small web-security challenges
websec ctf django websecurity postgresql postgresql-database
Language:JavaScript 1
rarecoil / overthewire
Writeups for Over The Wire wargames, for total security noobs.
wargames infosec websec owasp ctf-writeups noob-friendly
1
cybersecurityhq / cybersecurityhq.github.io
Yet another security blog
security websec
Language:Ruby 0
Jflye / netsec
Some netsec workflow notes
penetration testing pentesting pentesting-tools payloads nmap websec netsec
0
kraloveckey / add-on
🤖 Telegram Bot written on Python for basic web-app analysis.
python security telegram telegram-bot web-analysis webapp websec websecurity
Language:Python 0
2Fac3R / Papers
My papers
ebook tutorial manual taller websec php pdf