PalindromeLabs / awesome-websocket-security

Related projects: ⓘ

• hakluke / bug-bounty-standards
  A list of edge cases that occur in bug bounty programs, conversations on how they should be handled. The goal is to standardise the way t…
  ☆227Updated 2 years ago
• optiv / mobile-nuclei-templates
  ☆385Updated 3 years ago
• assetnote / surf
  Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …
  ☆524Updated 9 months ago
• mschwager / route-detect
  Find authentication (authn) and authorization (authz) security bugs in web application routes.
  ☆250Updated 2 months ago
• koenbuyens / Vulnerable-OAuth-2.0-Applications
  vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.
  ☆305Updated 5 months ago
• osmedeus / osmedeus-base
  Build your own reconnaissance system with Osmedeus Next Generation
  ☆177Updated 3 months ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆196Updated 2 years ago
• PortSwigger / autowasp
  BurpSuite Extension: A one-stop pen testing checklist and logger tool
  ☆258Updated last year
• nikitastupin / param-miner-doc
  Unofficial documentation for the great tool Param Miner
  ☆169Updated 2 years ago
• honoki / bbrf-server
  The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
  ☆287Updated last year
• PalindromeLabs / STEWS
  A Security Tool for Enumerating WebSockets
  ☆320Updated 2 years ago
• forcesunseen / graphquail
  Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
  ☆182Updated last month
• Karmaz95 / crimson
  Web Application Security Testing Tools
  ☆230Updated 6 months ago
• Brum3ns / firefly
  Black box fuzzer for web applications
  ☆395Updated 2 months ago
• Th0h0 / autossrf
  Smart context-based SSRF vulnerability scanner.
  ☆323Updated 2 years ago
• hahwul / authz0
  🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
  ☆388Updated 3 weeks ago
• Hacker0x01 / awesome-hacker-api-tools
  A collection of hacker tools using HackerOne's API
  ☆248Updated 2 years ago
• daffainfo / all-about-apikey
  Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)
  ☆258Updated 11 months ago
• cezary-sec / awesome-browser-security
  A curated list of awesome browser security learning material.
  ☆128Updated last year
• 0xsha / GoLinkFinder
  A fast and minimal JS endpoint extractor
  ☆302Updated 8 months ago
• projectdiscovery / nuclei-action
  Vulnerability Scan with Nuclei
  ☆238Updated last month
• swoops / eval_villain
  A Firefox Web Extension to improve the discovery of DOM XSS.
  ☆249Updated 11 months ago
• iamthefrogy / Web-Application-Pentest-Checklist
  This is one of the largest checklist available so far on the Internet.
  ☆230Updated 2 years ago
• projectdiscovery / interactsh-web
  Web dashboard for Interactsh client
  ☆188Updated this week
• w9w / JSA
  Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.
  ☆313Updated last year
• trufflesecurity / of-CORS
  ☆143Updated last year
• 0xDexter0us / Scavenger
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆228Updated 2 years ago
• trickest / find-gh-poc
  Find CVE PoCs on GitHub
  ☆136Updated 11 months ago
• cramppet / regulator
  Automated learning of regexes for DNS discovery
  ☆350Updated last year
• MayankPandey01 / Jira-Lens
  Fast and customizable vulnerability scanner For JIRA written in Python
  ☆318Updated 7 months ago