Collection of web app methodology from initial recon into exploit known vulnerability. Used when conducting Bug Bounty, Penetration Testing, or CTF
☆13Oct 23, 2021Updated 4 years ago
Alternatives and similar repositories for Web-App-Methodology
Users that are interested in Web-App-Methodology are comparing it to the libraries listed below
Sorting:
- Welcome! This repo is a conglomeration of tips, tricks, tools, and data analysis to use while doing web application security assessments,…☆14Jan 13, 2019Updated 7 years ago
- ☆27Jan 25, 2020Updated 6 years ago
- DNS Misconfiguration : S0x4 - Same Site Scripting Scanner☆15Jan 20, 2021Updated 5 years ago
- A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms ti…☆96Jun 5, 2021Updated 4 years ago
- HTML5 Training material for Attack and Secure training sessions.☆43Feb 25, 2023Updated 3 years ago
- Subvenkon is a subdomain enumerator from Venkon☆22Jun 22, 2020Updated 5 years ago
- C# and Impacket implementation (here with Kerberos auth support) of PrintNightmare CVE-2021-1675/CVE-2021-34527☆29Jul 7, 2021Updated 4 years ago
- ☆27Mar 18, 2020Updated 5 years ago
- 一款支持检测web应用程序未授权访问缺陷的burp suite插件,可自定义配置检测字段以及返回包json数据分析☆12Apr 22, 2024Updated last year
- Project Morya is just a collection of bash scripts that runs iteratively to carry out various tools and recon process & store output in a…☆72Mar 5, 2022Updated 3 years ago
- Repo containing my personal walkthroughs of PMAT Labs i.e. PMAT Malware Samples.☆43Mar 23, 2022Updated 3 years ago
- Scripts that we use for pentesting☆42Feb 24, 2017Updated 9 years ago
- ☆11Aug 25, 2018Updated 7 years ago
- The official repo of BSIS☆14Feb 16, 2012Updated 14 years ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 10 months ago
- A FullC2 Framework TUI + Web UI That Focuses On Network Stressing☆14Aug 24, 2025Updated 6 months ago
- GUI Tool to Generate Android Payloads.☆10May 20, 2020Updated 5 years ago
- Burp extension to automatically drop requests that match a certain regex.☆10Mar 10, 2023Updated 2 years ago
- This simple SMB vulnerability MS17-010 scanner is developed to help security professionals to quickly check if a computer is vulnerable t…☆10Jul 24, 2017Updated 8 years ago
- Curso realizado por Ricardo Narvaja de CrackLatinos (Mirror) http://ricardonarvaja.info☆12May 28, 2018Updated 7 years ago
- PHP Application To Spoof And Send E-mail.☆10Jan 4, 2016Updated 10 years ago
- Recon tool for URLs discovery☆12Jun 19, 2024Updated last year
- This is the C version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.☆12Feb 15, 2017Updated 9 years ago
- 一款集成了Nuclei模板管理、多空间引擎搜索的网络安全工具集。为安全研究人员提供高效的工作体验。☆22Feb 12, 2026Updated 2 weeks ago
- The Proxy Auto Configuration (PAC) file dynamic generator which allows you to specify the proxying rules and the PAC-file will be generat…☆10Dec 5, 2019Updated 6 years ago
- The .NET equivalent of Window's rundll.exe/rundll32.exe☆11Oct 24, 2020Updated 5 years ago
- Kubernetes Fundamentals Book☆14Feb 5, 2019Updated 7 years ago
- Virtual host bruteforcer against given network range or single ip☆11Mar 21, 2019Updated 6 years ago
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆25Jun 11, 2025Updated 8 months ago
- Random Tips and Writeups.☆15Feb 21, 2019Updated 7 years ago
- A PoC that uses the DirSync protocol to poll Active Directory for changes☆13Aug 16, 2020Updated 5 years ago
- Mass Assigner is a simple tool made to probe for mass assignment vulnerability through JSON field modification in HTTP requests☆17Jun 22, 2024Updated last year
- A Collection of all things Security☆11Sep 24, 2020Updated 5 years ago
- Google Hack Database Web Site Scrapper w/ DB updater utility. ASP.NET MVC web utility and Windows application for generating google hack …☆11Jun 23, 2016Updated 9 years ago
- A security-first MCP server empowering AI agents to orchestrate Ghidra, Radare2, and YARA for automated reverse engineering.☆47Jan 21, 2026Updated last month
- Advanced way to mitigate bot attacks for large networks☆11Mar 3, 2019Updated 7 years ago
- Lightweight reflection scanner☆20Aug 31, 2025Updated 6 months ago
- A powerful Burp Suite extension that automatically detects JavaScript URLs from HTTP traffic, scans them using TruffleHog for secrets det…☆31Oct 23, 2025Updated 4 months ago
- Security scanner tool for Plone CMS.☆19May 14, 2012Updated 13 years ago