security-checklist / php-security-check-list
PHP Security Check List [ EN ]
☆296, updated 5 years ago
Alternatives and similar repositories for php-security-check-list:
Users that are interested in php-security-check-list are comparing it to the libraries listed below
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi… (☆353, updated last month)
- Nano is a family of PHP web shells which are code golfed for stealth. (☆442, updated 5 years ago)
- Sample vulnerable code and its exploit code (☆190, updated 4 years ago)
- Bypassing disabled exec functions in PHP (c) CRLF (☆401, updated 4 years ago)
- RIPS - A static source code analyser for vulnerabilities in PHP scripts (☆316, updated 3 years ago)
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap. (☆469, updated 5 years ago)
- Fuzzing Payloads to Assist in Web Application Testing. (☆166, updated 5 years ago)
- A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers (☆275, updated 6 years ago)
- Penetration Testing Playbook (PTP) (☆175, updated 6 years ago)
- Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you had missed to test just that one thing and… (☆273, updated 7 months ago)
- Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn rea… (☆455, updated 3 years ago)
- Another way to bypass WAF Cheat Sheet (draft) (☆422, updated 6 years ago)
- (☆326, updated 7 years ago)
- Some tools to automate recon - 003random (☆294, updated 6 years ago)
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica… (☆481, updated 6 years ago)
- Tulpar - Web Vulnerability Scanner (☆201, updated 5 years ago)
- Toolset for detecting reflected xss in websites (☆113, updated 6 years ago)
- A collection of web pages, vulnerable to command injection flaws. (☆179, updated 2 years ago)
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers. (☆137, updated 5 years ago)
- This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f… (☆159, updated 3 years ago)
- Burp Suite extension to discover assets from HTTP response. (☆225, updated 3 months ago)
- OWASP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication. (☆342, updated last month)
- JShell - Get a JavaScript shell with XSS. (☆522, updated 5 years ago)
- exploit for ImageMagick's uninitialized memory disclosure in gif coder (☆280, updated 7 years ago)
- Find known vulnerabilities in WordPress plugins and themes using Burp Suite proxy. WPScan like plugin for Burp. (☆181, updated 5 years ago)
- A wrapper for Nmap to quickly run network scans (☆147, updated 4 years ago)
- Exploitation for XSS (☆714, updated 3 years ago)
- This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard cer… (☆286, updated 3 months ago)
- A collection of the solutions people wrote for the H1-212 Capture The Flag event (☆95, updated 6 years ago)
- A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability. (☆164, updated 5 years ago)