The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.
☆31Oct 27, 2025Updated 4 months ago
Alternatives and similar repositories for wstg
Users that are interested in wstg are comparing it to the libraries listed below
Sorting:
- The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.☆11Apr 6, 2020Updated 5 years ago
- API for Asset Service☆15Aug 15, 2024Updated last year
- Python Duo Push API☆42May 31, 2025Updated 9 months ago
- GraphQL automatic fuzzing tool☆16Jul 16, 2021Updated 4 years ago
- ☆60Jul 26, 2024Updated last year
- ☆18Nov 18, 2022Updated 3 years ago
- Nuclei plugin for BurpSuite☆15Nov 29, 2024Updated last year
- ☆24Jan 26, 2021Updated 5 years ago
- Expand urls into one url for each path depth☆31Jul 29, 2020Updated 5 years ago
- A BurpSuite plugin for BBRF☆25Nov 17, 2024Updated last year
- Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…☆51Jun 14, 2020Updated 5 years ago
- Download content of an open bucket☆16Dec 28, 2019Updated 6 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆26May 26, 2020Updated 5 years ago
- H&E- Burp Highlighter and Extractor☆18Mar 29, 2023Updated 2 years ago
- ☆63Jul 23, 2024Updated last year
- ☆17May 7, 2021Updated 4 years ago
- vīlicus is a bug bounty api dashboard☆41Aug 13, 2023Updated 2 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆211Oct 31, 2024Updated last year
- Hackthebox tools☆13Mar 3, 2019Updated 7 years ago
- Some contributions in the nuclei-templates repository☆62Jun 18, 2022Updated 3 years ago
- Create your Custom Wordlist For Fuzzing☆201Oct 14, 2024Updated last year
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆45Jun 3, 2024Updated last year
- Collection of some pentesting and bugbounty resources☆47Feb 5, 2022Updated 4 years ago
- Automatic SQL injection and database takeover tool☆45Nov 27, 2025Updated 3 months ago
- XSSInspector can defeat any WAF in the world with its AI and 96 filter set. This open-source solution simplifies XSS vulnerability identi…☆12Sep 8, 2025Updated 6 months ago
- A lightweight version of my bug bounty hunting framework designed to be run on Synack's LP+ machines.☆12Jul 11, 2023Updated 2 years ago
- Recon-Ninja☆86Mar 24, 2024Updated last year
- Discovery Header Bug Bounty to DoD☆49Aug 20, 2021Updated 4 years ago
- Interview questions to screen offensive (red team/pentest) candidates☆12Apr 7, 2017Updated 8 years ago
- ☆16Updated this week
- Oyedata is a tool to perform OData assessments☆13Aug 3, 2012Updated 13 years ago
- De-clutter a list of URLs☆385Mar 8, 2026Updated last week
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆34Feb 12, 2022Updated 4 years ago
- ☆13Feb 14, 2022Updated 4 years ago
- It's an watcher for new scopes added to bounty-targets-data and send you alert to Slack.☆59Mar 2, 2022Updated 4 years ago
- Convert asciinema JSON files to GIF for embedding in Github, Medium, email, Slack and more!☆10Sep 24, 2020Updated 5 years ago
- An automation framework for CyberSecurity Tools☆12Dec 6, 2025Updated 3 months ago
- HTTP request smuggling tools☆18Aug 17, 2020Updated 5 years ago
- retrive metadata endpoint data with these one liners.☆41Aug 11, 2020Updated 5 years ago