andresriancho / w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
☆4,522Updated last year
Related projects: ⓘ
- Web Application Security Scanner Framework☆3,753Updated last year
- Web application fuzzer☆5,866Updated last month
- Nikto web server scanner☆8,336Updated last week
- Next generation web scanner☆5,448Updated 2 months ago
- Open Source Vulnerability Management Platform☆4,871Updated this week
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,513Updated this week
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,176Updated last month
- Automated NoSQL database enumeration and web application exploitation tool.☆2,868Updated last month
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,706Updated last year
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,146Updated 10 months ago
- Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.☆3,538Updated 8 months ago
- Weaponized web shell☆3,160Updated 4 months ago
- Advanced vulnerability scanning with Nmap NSE☆3,444Updated last week
- A Tool for Domain Flyovers☆5,604Updated 2 years ago
- Knock Subdomain Scan☆3,839Updated last month
- The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.☆5,089Updated 3 weeks ago
- Most advanced XSS scanner.☆13,160Updated last month
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,636Updated 2 years ago
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆4,683Updated 2 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,905Updated last month
- Fast subdomains enumeration tool for penetration testers☆9,679Updated last month
- A DNS meta-query spider that enumerates DNS records, and subdomains.☆3,331Updated 2 years ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,402Updated 4 years ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,461Updated 4 years ago
- Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload cre…☆3,412Updated 3 weeks ago
- Attack Surface Management Platform☆7,936Updated last month
- Git All the Payloads! A collection of web attack payloads.☆3,596Updated last year
- Web path scanner☆11,866Updated last month
- Directory/File, DNS and VHost busting tool written in Go☆9,580Updated last week
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,739Updated 4 months ago