cneill / appsec-resources
Resources for developers and security engineers to learn the ropes of application security
☆99Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for appsec-resources
- burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…☆156Updated 5 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆163Updated last year
- A regex based source code scanner.☆128Updated 7 years ago
- ☆92Updated 6 years ago
- This is a bundle of python and bash penetration testing tools for recon and information gathering.☆80Updated 8 years ago
- A project designed to parse public source code repositories and find various types of vulnerabilities.☆190Updated 7 years ago
- Web Application Security☆124Updated 4 months ago
- PwnableWeb is a suite of web applications for use in information security training.☆87Updated 10 years ago
- Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website☆136Updated 4 years ago
- An example of obtaining RCE via Redis and CSRF☆77Updated 8 years ago
- ☆45Updated 7 years ago
- User, contributor and developer friendly vulnerability database☆129Updated 5 years ago
- Proof-of-concept two-stage dropper generator that uses bits from external sources☆97Updated 6 years ago
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆168Updated 8 years ago
- Integris Security Carbonator - The Burp Suite Pro extension that automates scope, spider & scan from the command line. Carbonator helps a…☆74Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Updated 7 years ago
- A repository for large scripts from my book.☆162Updated 3 years ago
- ☆122Updated 6 years ago
- The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch☆112Updated 4 years ago
- A Github organization reconnaissance tool.☆214Updated last year
- A mass subdomain (Subbrute) + poodle vulnerability scanner☆74Updated 6 years ago
- Public exploits (re)writed while learning.☆59Updated 11 years ago