Web Application Security
☆130Jan 6, 2026Updated last month
Alternatives and similar repositories for WebAppSec
Users that are interested in WebAppSec are comparing it to the libraries listed below
Sorting:
- Web Application Security related tools. Includes backdoors, proof of concepts and tricks☆37Oct 21, 2014Updated 11 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- ☆128Oct 19, 2016Updated 9 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆169Feb 29, 2016Updated 10 years ago
- Exploit insecure crossdomain.xml files.☆26Apr 25, 2017Updated 8 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆379Oct 12, 2020Updated 5 years ago
- Tools of "The Bug Hunters Methodology V2 by @jhaddix"☆201Aug 11, 2017Updated 8 years ago
- ☆44Sep 28, 2016Updated 9 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- ☆18Oct 11, 2018Updated 7 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- Nodejs application intentionally vulnerable to SSRF☆42May 12, 2023Updated 2 years ago
- Chrome Extension for XSS Hunter Payloads☆41Sep 7, 2016Updated 9 years ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆573Dec 9, 2017Updated 8 years ago
- A WebDAV PROPFIND covert channel to deliver payloads☆52Nov 14, 2017Updated 8 years ago
- Burp Suite extension to passively scan for applications revealing server error messages☆64Dec 15, 2023Updated 2 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- Automated Responder/secretsdump.py cracking☆187May 16, 2016Updated 9 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆166May 19, 2023Updated 2 years ago
- a tiny tool for swf hacking, just browse it:)☆243Mar 13, 2013Updated 12 years ago
- A suite of CLI tools I built to automate some of the tedious parts of exploit development (specifically, crafting Buffer Overflow Exploit…☆38Feb 21, 2016Updated 10 years ago
- A Custom Scanner for Burp☆31Mar 26, 2014Updated 11 years ago
- A blind SQL injection module that uses bitshfting to calculate characters.☆132Aug 7, 2022Updated 3 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆116Mar 29, 2019Updated 6 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- An automated script that download potential exploit for linux kernel from exploitdb, and compile them automatically☆496Sep 21, 2021Updated 4 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆404Feb 20, 2026Updated last week
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Sep 24, 2012Updated 13 years ago
- A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform☆166Sep 14, 2024Updated last year
- Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the …☆119Mar 10, 2015Updated 10 years ago
- Perform WiFi scans from python in OSX. Simply import this module and run wifi_scan()☆18Feb 27, 2016Updated 10 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆14Mar 4, 2017Updated 8 years ago
- Damn Vulnerable Thick Client App☆155Jul 16, 2020Updated 5 years ago
- Frontpage and Sharepoint fingerprinting and attack tool.☆284Aug 8, 2021Updated 4 years ago
- [Python] Google Scraper & Mass Exploiter☆30Aug 17, 2021Updated 4 years ago
- Burp extension☆58Jun 18, 2018Updated 7 years ago
- Payload generator for Java Binary Deserialization attack with Commons FileUpload (CVE-2013-2186)☆38Apr 14, 2016Updated 9 years ago
- ☆83Feb 3, 2017Updated 9 years ago