WebSecurity-PenTesting's repositories
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
karma_v2
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
weaponised-XSS-payloads
XSS payloads designed to turn alert(1) into P1
xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
API-Security
OWASP API Security Project
Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
AwesomeXSS
Awesome XSS stuff
Cloud-Security-Attacks
Azure and AWS Attacks
Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
Mind-Maps
Mind-Maps of Several Things