There are 8 repositories under websec topic.
Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list, but I felt these questions were important to be asked and some were challenging to answer.
Pwnable|Web Security|Cryptography CTF-style challenges
Discover hidden debugging parameters and uncover web application secrets
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
🎯 CSV Injection Payloads
🎯 Directory Payload List
Some good resources for getting started with application security
▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON
A command-line #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Additional Resources For Securing The Stack Tutorials
Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.
This checklist provides a comprehensive guide for conducting a website pentest.
Rule packs for Signal Sciences power rules platform.
VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.
Automatically exploit time-based blind SQL injection vulnerabilities
Lists of elements that compose HTML and SVG structure to fuzz in security testing checks
A utility to test the success of xss payloads on a target website. Use responsibly.
Extract endpoints from stdin or files.
A collection of small web-security challenges
Writeups for Over The Wire wargames, for total security noobs.
🤖 Telegram Bot written in Python for basic web-app analysis.