bkimminich / webappsec-nutshell

Related projects: ⓘ

• tomsteele / burpstaticscan
  Use burp's JS static code analysis on code from your local system.
  ☆42Updated 7 years ago
• salesforce / AutoTriageBot
  AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.
  ☆57Updated 2 years ago
• skepticfx / damnvulnerable.me
  A deliberately vulnerable modern day app with lots of DOM related bugs
  ☆35Updated 5 years ago
• righettod / owasp-cs-book
  ☆27Updated this week
• binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle0
  Overview Tooling Process Physical People
  ☆45Updated 3 years ago
• anilyuk / punydomaincheck
  Puny Domain Name Check
  ☆36Updated 5 years ago
• ConfWatch / confwatch-data
  ☆29Updated this week
• OWASP / AppSecEurope2017
  ☆13Updated 7 years ago
• jgamblin / GithubDependencyCheck
  Run DependencyCheck Against Your Orgs GitHub Repos.
  ☆14Updated 6 years ago
• OpenSecuritySummit / oss2018
  Open Security Summit 2018
  ☆28Updated 3 years ago
• binarymist / HolisticInfoSec-For-WebDevelopers-Fascicle1
  VPS Network Cloud Web Applications
  ☆24Updated 5 years ago
• PaulSec / pepito
  Finds sensitive stuff in your git repository by specifying terms to look for
  ☆31Updated 6 years ago
• isp1r0 / DVNA
  Damn Vulnerable Node Application
  ☆20Updated 8 years ago
• raesene / OWASP_Web_App_Testing_Cheatsheet_Converter
  OWASP Web Application Testing Cheat Sheet converted to tool formats
  ☆25Updated 7 years ago
• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 8 years ago
• skahwah / automato
  automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.
  ☆72Updated 4 years ago
• praetorian-inc / dert
  DNS Enumeration and Reconnaissance Tool
  ☆37Updated 8 years ago
• tunnelshade / pocuito
  A tiny chrome extension to record and replay your web application proof-of-concepts.
  ☆20Updated 7 years ago
• NetSPI / MoneyX
  MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.
  ☆30Updated 8 years ago
• znb / Scripts
  General scripts for random stuff
  ☆38Updated 2 years ago
• SpiderLabs / BurpNotesExtension
  Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…
  ☆67Updated 4 months ago
• praetorian-inc / burp-wcf-gzip
  Burp extension for decoding WCF-gzipped requests.
  ☆12Updated 8 years ago
• porterhau5 / BloodHound
  Six Degrees of Domain Admin
  ☆15Updated 6 years ago
• anshumanbh / FASTSAM
  Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices
  ☆18Updated 7 years ago
• snyff / oauthsecurity
  OAuth Security Cheatsheet
  ☆39Updated 10 years ago
• pentestgeek / scripts
  A collection of useful scripts for penetration testers
  ☆81Updated 11 years ago
• jaegeral / awesome-cyber-civil-society-actors
  A curated lust of awesome cyber civil society actors, project etc.
  ☆10Updated 4 years ago
• oscpharder / OSCP-Materials
  ☆21Updated this week
• BishopFox / watchtower
  Static Code Analysis tool. Platform and language agnostic. Provides reporting and custom signatures.
  ☆12Updated 8 years ago
• jaegeral / awesome-incident-response-pro-bono
  This repository is a curated list of pro bono incident response entities.
  ☆19Updated last year