Secure-D / wastc
Secure-D Web Application Security Test Checklist summarizes well-known weaknesses, vulnerabilities and best practices into review topics, each with a short description and recommendation. Its objective is to help penetration testers review a web application thoroughly.
☆21 Updated 4 years ago
Related projects
Alternatives and complementary repositories for wastc
- A formula to calculate bounty amounts. ☆13 Updated 6 years ago
- Highlighting different Firefox containers in Burp Proxy ☆11 Updated 3 years ago
- WaTF Bank - What a Terrible Failure Mobile Banking Application for Android and iOS ☆130 Updated 2 years ago
- Megagrep helps begin a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl… ☆13 Updated 2 years ago
- The domain enumeration and scanning tool for hackers ☆19 Updated last month
- [PHP][Python] Root Exploiter – No Back-Connect ☆10 Updated 3 years ago
- Jenkins pre-auth RCE exploit. More info at https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 https://blog.orange.tw/2019/02/… ☆10 Updated 5 years ago
- Shell script to obtain information from https://crt.sh ☆27 Updated 7 years ago
- ☆14 Updated 3 years ago
- ☆17 Updated last year
- Automatic tool for crawling code to find low-hanging-fruit vulnerabilities - Based on OWASP Secure Code Review Guide ☆20 Updated 4 years ago
- Script will enumerate domain names using horizontal enumeration and reverse lookup. Each horizontal domain will then be vertically enumerated… ☆32 Updated 5 years ago
- A Python module for red teams to support the continuous recon of JavaScript files and HTML script blocks in an active web application. ☆13 Updated last year
- HP Data Protector Arbitrary Remote Command Execution ☆11 Updated 6 years ago
- ☆12 Updated 3 years ago
- psgen is a PowerShell payload generator tool for hacking. It can be used to generate, minify, and encode the PowerShell payload (e.g., re… ☆18 Updated 4 years ago
- A collection of Burp Suite Lambda Filters ~ Bambdas ☆22 Updated last month
- Scripts for OSCE ☆18 Updated 5 years ago
- Tool to get the top Android apps for bug bounty purposes ☆17 Updated 4 years ago
- A bash script that fetches and maintains thousands of DNS resolvers ☆65 Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android App ☆84 Updated 4 years ago
- Several Python scripts used to fuzz and exploit SLmail. These are meant to supplement the Kali Linux Hands-on Pentesting Udemy course. ☆16 Updated 5 years ago
- Create wordlists from source code files/directories for enumeration ☆30 Updated last year
- ROP Wargame repository ☆26 Updated 7 years ago
- CRLFMap is a tool to find HTTP Splitting vulnerabilities ☆25 Updated 4 years ago
- A tool to fetch and verify the existence of endpoints from the Wayback Machine API. ☆51 Updated 4 years ago
- services-names-wordlist ☆79 Updated last week
- Clickjacking PoC Generator ☆35 Updated 4 years ago