websec

There are 8 repositories under websec topic.

dirhunt
Nekmo / dirhunt
Find web directories without bruteforce
crawler dirscanner pentesting python security security-tools websec without-bruteforce
Language:Python 1677
devploit / nomore403
Tool to bypass 403/40X response codes.
403 403-bypass bugbounty bypass ctf pentesting waf-bypass websec
Language:Go 946
deibit / cansina
Web Content Discovery Tool
pentesting python security-audit websec
Language:Python 859
security-prince / Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
security-engineer-interview webappsec appsec devsecops infosec application-security vulnerability sdlc xss interview-questions security-team websecurity websec websecurity-reference security-engineering
604
l4wio / CTF-challenges-by-me
Pwnable|Web Security|Cryptography CTF-style challenges
ctf-challenges ctf pwnable websec cryptography ctf-writeups
Language:CSS 391
rescope
root4loot / rescope
A scope generation tool for Burp Suite & ZAP
security-tools websec bugbounty pentesting burp burpsuite zap enumeration go security infosec golang scope
Language:Go 310
devploit / XORpass
Encoder to bypass WAF filters using XOR operations.
bugbounty pentesting php waf-bypass websec xor
Language:Python 246
devploit / debugHunter
Discover hidden debugging parameters and uncover web application secrets
bugbounty ctf pentesting websec
Language:JavaScript 219
Vailyn
VainlyStrain / Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
websecurity information-leak exploitation vulnerability-scanners directory-traversal path-traversal pentest-tool websec vulnerability-assessment penetration-testing filter-evasion vulnerability-detection pentesting lfi lfi-shells lfi-exploitation security local-file-inclusion rce takeover
Language:Python 188
payloadbox / csv-injection-payloads
🎯 CSV Injection Payloads
bug-bounty bugbounty bugbountytips code-security csv csv-exploit csv-injection csv-payload csv-payloads payload payloadbox payloads security websec websecurity
169
payloadbox / directory-payload-list
🎯 Directory Payload List
awesome awesome-list bug-bounty bugbounty directory directory-list directory-payload fuzz fuzz-testing fuzzing payload payload-list payloadbox payloads web-secure web-security web-security-research websec websecurity websecurity-reference
135
security-prince / Resources-for-Application-Security
Some good resources for getting started with application security
appsec appsec-tutorials websecurity websecurity-reference websec infosec infosec-reference owasp application-security web-hacking php-security ctf security-engineering
123
devploit / put2win
Script to automate PUT HTTP method exploitation to get shell
bash pentesting websec
Language:Shell 122
tyki6 / MyJWT
A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
pentesting security security-tools python jwt jsonwebtoken websec cli rawsec ctf pentest pypi blackarch blackarch-packages rootme root-me
Language:Python 104
gbiagomba / Sherlock
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
sherlock security security-tools security-audit cybersecurity cyber-security redteam red-team redteaming red-teaming red-team-engagement web-security web-sec-scanner websecurity websec security-automation security-scanner security-testing security-team
Language:Shell 81
rastating / xss-chef
A web application for generating custom XSS payloads
javascript penetration-testing react security websec xss xss-exploit xss-exploitation
Language:JavaScript 73
ostrio
veliovgroup / ostrio
▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON
monitoring analytics prerender prerendering crawlable webcron protection websecurity websec web-analytics web-cron spiderable
62
netizenship
rahulrajpl / netizenship
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
cybersecurity information-gathering information-retrieval information-security infosec osint-python websec websecurity
Language:Python 45
SecuringTheStack / tutorials
Additional Resources For Securing The Stack Tutorials
tutorials infosec cybersecurity secure-coding appsec websec appsec-tutorials owasp
Language:JavaScript 38
hacker-scoper
ItsIgnacioPortal / hacker-scoper
Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.
bugbounty scopes filter recon infosec enumeration go golang pentesting security security-tools websec websecurity bugcrowd hackerone
Language:Go 22
ducdatdau / Writeups
writeups/solvers for CTF challenges
cryptography ctf pwnable reverse-engineering websec
Language:Python 9
meuzgebre / website-pentesting-checklist
This checklist provides a comprehensive guide for conducting a website pentest.
pentesting websec websecurity websecurity-reference web-pen web-penetration-testing web-security
9
foospidy / sigsci-power-rules
Rule packs for Signal Sciences power rules platform.
signalsciences rules powerrules websecurity websec appsec sigsci signal-sciences signal-sciences-api
Language:Shell 5
t0nyc23 / condi
Content Discovery/Directory Brute-forcing using Python3
bruteforce bugbounty recon websec python3-recon
Language:Python 3
VulnCode1337 / VulnCode
VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.
source-code-analysis websec burpsuite-pro express security-vulnerability vulnerability-research cpp csharp golang java php python ruby
Language:PowerShell 3
alessiovierti / blindpie
Automatically exploit time-based blind SQL injection vulnerabilities
blind-sql-injection cybersecurity exploit python sql-injection sqli time-based-blind-sql-injection websec websecurity
Language:Python 2
Drayko / Web-Elements-List
Lists of elements that compose HTML and SVG structure to fuzz in security testing checks
attributes eventhandlers html security svg tags websec websecurity
2
Az3z3l / Az3z3l.github.io
The B.L.O.G experiment
blog websec
Language:HTML 1
Az3z3l / webXtools
A collection of often-used scripts and tools
toolkit websec ctf
Language:Python 1
DarkPurple141 / xss-test
A utility to test the success of xss payloads on a target website. Use responsibly.
security websec tools pentesting penetration-testing python3 xss xss-exploitation
Language:Python 1
dkasak / relative-urls
Extract endpoints from stdin or files.
python url endpoint extraction pentesting security bug-hunting bug-bounty websec
Language:Python 1
h4fan / SecurityBlog
安全博客，web sec | bug bounty | web安全 | 网络安全
blog bugbounty websec
Language:HTML 1
Kaiser784 / Web-sec-challenges
A collection of small web-security challenges
ctf django postgresql postgresql-database websec websecurity
Language:JavaScript 1
rarecoil / overthewire
Writeups for Over The Wire wargames, for total security noobs.
wargames infosec websec owasp ctf-writeups noob-friendly
1
kraloveckey / add-on
🤖 Telegram Bot written on Python for basic web-app analysis.
python security telegram telegram-bot web-analysis webapp websec websecurity
Language:Python 0
cybersecurityhq / cybersecurityhq.github.io
Yet another security blog
security websec
Language:Ruby