OWASP / wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
★ 7,559 · Updated last week
Alternatives and similar repositories for wstg:
Users that are interested in wstg are comparing it to the libraries listed below
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List ★ 6,627 · Updated 6 months ago
- The Bug Hunters Methodology ★ 3,992 · Updated last year
- A list of interesting payloads, tips and tricks for bug bounty hunters. ★ 6,020 · Updated last year
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery. ★ 8,349 · Updated last year
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-ups that is categorized by the bug nature ★ 3,797 · Updated 5 months ago
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit… ★ 3,147 · Updated last month
- Penetration tests guide based on OWASP including test cases, resources and examples. ★ 2,523 · Updated 2 years ago
- A list of public penetration test reports published by several consulting firms and academic security groups. ★ 8,635 · Updated 7 months ago
- In-depth attack surface mapping and asset discovery ★ 12,376 · Updated last month
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and… ★ 3,713 · Updated 3 years ago
- Collection of methodology and test case for various web vulnerabilities. ★ 6,218 · Updated 5 months ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter. ★ 9,245 · Updated 4 months ago
- OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and p… ★ 1,533 · Updated last year
- List of Awesome Red Teaming Resources ★ 7,044 · Updated last year
- Awesome XSS stuff ★ 4,837 · Updated 2 months ago
- A collection of custom security tools for quick needs. ★ 3,168 · Updated last year
- "Can I take over XYZ?" - a list of services and how to claim (sub)domains with dangling DNS records. ★ 4,981 · Updated 2 weeks ago
- This cheatsheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples. ★ 3,345 · Updated last year
- A curated list of various bug bounty tools ★ 4,532 · Updated 3 weeks ago
- OWASP Web Application Security Testing Checklist ★ 1,790 · Updated 2 years ago
- A curated list of bugbounty writeups (Bug type wise), inspired by https://github.com/ngalongc/bug-bounty-reference ★ 4,825 · Updated last year
- Scripted Local Linux Enumeration & Privilege Escalation Checks ★ 7,160 · Updated last year
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services. ★ 5,278 · Updated 7 months ago
- PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with othe… ★ 3,519 · Updated last year
- HTTP parameter discovery suite. ★ 5,385 · Updated last month
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors) ★ 16,686 · Updated this week
- Top disclosed reports from HackerOne ★ 4,156 · Updated last month
- A Workflow Engine for Offensive Security ★ 5,439 · Updated 8 months ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid. ★ 5,249 · Updated 5 months ago
- 🎯 SQL Injection Payload List ★ 5,169 · Updated 6 months ago