Web Application Security
☆131Jan 6, 2026Updated 3 months ago
Alternatives and similar repositories for WebAppSec
Users that are interested in WebAppSec are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Web Application Security related tools. Includes backdoors, proof of concepts and tricks☆37Oct 21, 2014Updated 11 years ago
- Scripts that I've written that others may find useful☆13Aug 17, 2022Updated 3 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- ☆128Oct 19, 2016Updated 9 years ago
- ☆18Oct 11, 2018Updated 7 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- ☆44Sep 28, 2016Updated 9 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆168Feb 29, 2016Updated 10 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- A mass subdomain (Subbrute) + poodle vulnerability scanner☆75Oct 31, 2018Updated 7 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- Nodejs application intentionally vulnerable to SSRF☆42May 12, 2023Updated 2 years ago
- ☆11Apr 18, 2018Updated 7 years ago
- Proof of Concepts, Exploits☆28Apr 8, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆140Feb 18, 2021Updated 5 years ago
- a tiny tool for swf hacking, just browse it:)☆243Mar 13, 2013Updated 13 years ago
- Lair Framework dockerized.☆38Apr 17, 2021Updated 4 years ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆574Dec 9, 2017Updated 8 years ago
- A Custom Scanner for Burp☆31Mar 26, 2014Updated 12 years ago
- Blind SQL injection exploitation tool written in ruby.☆99Dec 1, 2024Updated last year
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆166May 19, 2023Updated 2 years ago
- My collection of exploit development skeletons for fuzzing, overwriting the stack, remote code execution, etc.☆16Mar 19, 2025Updated last year
- Scripts and tools for AWS Pentest☆53Oct 22, 2020Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Sep 24, 2012Updated 13 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,139Dec 16, 2024Updated last year
- Exploit insecure crossdomain.xml files.☆26Apr 25, 2017Updated 8 years ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆562Aug 25, 2022Updated 3 years ago
- Tools of "The Bug Hunters Methodology V2 by @jhaddix"☆201Aug 11, 2017Updated 8 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Apr 14, 2016Updated 9 years ago
- Chrome Extension for XSS Hunter Payloads☆42Sep 7, 2016Updated 9 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35May 19, 2019Updated 6 years ago
- scripts used in my pentest work.☆44Jan 14, 2016Updated 10 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Automated Responder/secretsdump.py cracking☆187May 16, 2016Updated 9 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆64Dec 15, 2023Updated 2 years ago
- A collection of curated Java Deserialization Exploits☆592May 16, 2021Updated 4 years ago
- Nmap enumeration and script scan automation script☆38Mar 7, 2023Updated 3 years ago
- ☆122Mar 27, 2017Updated 9 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆407Updated this week