0xn3va / application-security-handbook
A knowledge base of best practices for application security
☆28 Updated 2 years ago
Alternatives and similar repositories for application-security-handbook
Users that are interested in application-security-handbook are comparing it to the libraries listed below
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT). ☆138 Updated 5 months ago
- Creating a schedule with logging and the ability to run on only one instance ☆34 Updated last year
- A mobile translator featuring the ability to add words and phrases to Favourites - an open-source project aimed at enhancing the skills o… ☆24 Updated last year
- A research project to add some brrrrrr to Burp ☆190 Updated 7 months ago
- Nuclei plugins to audit Chrome extensions ☆65 Updated last year
- A tool to quickly do keyword searches over Gitlab and Github for OSINT & bug bounty recon ☆242 Updated last year
- A collection of Turbo Intruder scripts. ☆64 Updated 7 months ago
- A tool to scrape the AWS ranges looking for a keyword in SSL certificate data. ☆236 Updated last year
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files ☆226 Updated 3 months ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities. ☆204 Updated 2 months ago
- The Template Injection Playground allows testing a large number of the most relevant template engines for template injection possibilitie… ☆48 Updated 2 months ago
- A smarter web fuzzing tool that combines local LLM models and ffuf to optimize directory and file discovery ☆319 Updated 10 months ago
- A collection of Semgrep rules derived from the OWASP MASTG specifically for Android applications. ☆297 Updated last year
- 🔍 A cutting edge context aware GraphQL API fuzzing tool! ☆148 Updated 3 weeks ago
- Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC) ☆164 Updated last year
- AI-powered ffuf wrapper ☆538 Updated 10 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎 ☆156 Updated last month
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c… ☆431 Updated 8 months ago
- An automated GitHub Actions-based crawler that fetches and updates public scopes from popular bug bounty platforms (like Hackerone/Bugcro… ☆60 Updated this week
- Burp Suite extension for testing Passkey systems. ☆74 Updated 5 months ago
- jxscout superpowers JavaScript analysis for security researchers ☆258 Updated last week
- Tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such … ☆232 Updated 7 months ago
- Search for sensitive data in Postman public library. ☆213 Updated 3 weeks ago
- An LLM explicitly designed for getting hacked ☆160 Updated 2 years ago
- HTTP redirection service designed to help bypass SSRF filters. Integrated with Burp Suite. ☆49 Updated 2 months ago
- SignSaboteur is a Burp Suite extension for editing, signing, verifying various signed web tokens ☆163 Updated 9 months ago