bkimminich / webappsec-nutshell
An ultra-compact intro (or refresher) to Web Application Security.
☆31Updated 6 years ago
Related projects: ⓘ
- Use burp's JS static code analysis on code from your local system.☆42Updated 7 years ago
- AutoTriageBot automatically verifies, deduplicates, and suggests payouts for incoming HackerOne reports.☆57Updated 2 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 5 years ago
- ☆27Updated this week
- Overview Tooling Process Physical People☆45Updated 3 years ago
- Puny Domain Name Check☆36Updated 5 years ago
- ☆29Updated this week
- ☆13Updated 7 years ago
- Run DependencyCheck Against Your Orgs GitHub Repos.☆14Updated 6 years ago
- Open Security Summit 2018☆28Updated 3 years ago
- VPS Network Cloud Web Applications☆24Updated 5 years ago
- Finds sensitive stuff in your git repository by specifying terms to look for☆31Updated 6 years ago
- Damn Vulnerable Node Application☆20Updated 8 years ago
- OWASP Web Application Testing Cheat Sheet converted to tool formats☆25Updated 7 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.☆72Updated 4 years ago
- DNS Enumeration and Reconnaissance Tool☆37Updated 8 years ago
- A tiny chrome extension to record and replay your web application proof-of-concepts.☆20Updated 7 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆30Updated 8 years ago
- General scripts for random stuff☆38Updated 2 years ago
- Burp Notes Extension is a plugin for Burp Suite that adds a Notes tab. The tool aims to better organize external files that are created d…☆67Updated 4 months ago
- Burp extension for decoding WCF-gzipped requests.☆12Updated 8 years ago
- Six Degrees of Domain Admin☆15Updated 6 years ago
- Framework for Automated Security Testing that is Scaleable and Asynchronous built on Microservices☆18Updated 7 years ago
- OAuth Security Cheatsheet☆39Updated 10 years ago
- A collection of useful scripts for penetration testers☆81Updated 11 years ago
- A curated lust of awesome cyber civil society actors, project etc.☆10Updated 4 years ago
- ☆21Updated this week
- Static Code Analysis tool. Platform and language agnostic. Provides reporting and custom signatures.☆12Updated 8 years ago
- This repository is a curated list of pro bono incident response entities.☆19Updated last year