Web Application Secure Coding Handbook resource.
☆350Mar 10, 2023Updated 3 years ago
Alternatives and similar repositories for Secure-Coding-Handbook
Users that are interested in Secure-Coding-Handbook are comparing it to the libraries listed below
Sorting:
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Sep 14, 2021Updated 4 years ago
- DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover☆851Feb 13, 2023Updated 3 years ago
- 💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh☆3,607Nov 14, 2025Updated 3 months ago
- ☆14Sep 13, 2021Updated 4 years ago
- a tool that compiles a csv of all h1 program stats☆49Jul 2, 2023Updated 2 years ago
- vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.☆328Mar 27, 2024Updated last year
- ☆23Mar 29, 2022Updated 3 years ago
- ☆66Aug 25, 2021Updated 4 years ago
- ☆46Sep 10, 2020Updated 5 years ago
- ☆27Jul 30, 2021Updated 4 years ago
- ☆756Jun 26, 2024Updated last year
- Prototype pollution scanner using headless chrome☆217Jul 27, 2022Updated 3 years ago
- ☆1,014Jan 22, 2022Updated 4 years ago
- A Collection of Proof of Concepts for non-published Web Exploits and Common CVEs☆10Nov 29, 2020Updated 5 years ago
- HTML5 Training material for Attack and Secure training sessions.☆43Feb 25, 2023Updated 3 years ago
- A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.☆1,983Sep 5, 2021Updated 4 years ago
- A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE☆804May 19, 2024Updated last year
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practis…☆1,677May 24, 2025Updated 9 months ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 6 years ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,819Jun 9, 2024Updated last year
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆30Mar 2, 2022Updated 4 years ago
- GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]☆1,544Jul 28, 2024Updated last year
- Learning source code review, spot vulnerability, find some ways how to fix it.☆30Nov 17, 2022Updated 3 years ago
- Rip Raw is a small tool to analyse the memory of compromised Linux systems.☆134Jan 31, 2022Updated 4 years ago
- One-stop TLS traffic inspection and manipulation using dynamic instrumentation☆243Aug 26, 2022Updated 3 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,804Sep 17, 2024Updated last year
- ☆38Aug 27, 2022Updated 3 years ago
- Tools to assess the DNS security of web applications☆127Oct 5, 2022Updated 3 years ago
- GH-Takeover — GitHub Pages Sub-domain Takeover Automation!☆28Apr 17, 2021Updated 4 years ago
- This challenge is Inon Shkedy's 31 days API Security Tips.☆2,231Apr 20, 2022Updated 3 years ago
- ☆11Oct 7, 2022Updated 3 years ago
- ☆10Apr 6, 2024Updated last year
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 3 years ago
- Bugbounty Resources☆540May 31, 2023Updated 2 years ago
- A checklist of practices for organizations dealing with account takeover (ATO)☆276Oct 4, 2024Updated last year
- ☆95Sep 18, 2021Updated 4 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- Vaf is a cross-platform very advanced and fast web fuzzer written in nim☆320May 29, 2022Updated 3 years ago
- An introduction to Active Directory security☆651Aug 22, 2022Updated 3 years ago