andresriancho / w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
☆4,584Updated last year
Related projects ⓘ
Alternatives and complementary repositories for w3af
- Web Application Security Scanner Framework☆3,787Updated last year
- Next generation web scanner☆5,557Updated 4 months ago
- Nikto web server scanner☆8,630Updated this week
- Web application fuzzer☆5,968Updated 3 months ago
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,737Updated 2 years ago
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,613Updated this week
- Weaponized web shell☆3,203Updated last month
- Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.☆3,579Updated last month
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆5,300Updated last month
- Automated NoSQL database enumeration and web application exploitation tool.☆2,929Updated 3 months ago
- Knock Subdomain Scan☆3,883Updated this week
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆4,766Updated 4 months ago
- Open Source Vulnerability Management Platform☆5,048Updated 3 weeks ago
- The ZAP by Checkmarx Core project☆12,751Updated this week
- Fast subdomains enumeration tool for penetration testers☆9,883Updated 3 months ago
- Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload cre…☆3,444Updated last month
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,684Updated 3 years ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,249Updated last year
- A DNS meta-query spider that enumerates DNS records, and subdomains.☆3,361Updated 2 years ago
- A Tool for Domain Flyovers☆5,644Updated 2 years ago
- Advanced vulnerability scanning with Nmap NSE☆3,479Updated 2 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,996Updated 3 weeks ago
- Git All the Payloads! A collection of web attack payloads.☆3,630Updated last year
- DNS Enumeration Script☆2,641Updated this week
- Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…☆3,487Updated 2 weeks ago
- The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.☆5,167Updated last month
- Attack Surface Management Platform☆8,132Updated 3 weeks ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,525Updated 4 years ago
- The Browser Exploitation Framework Project☆9,860Updated this week
- Veil 3.1.X (Check version info in Veil at runtime)☆4,008Updated last year