Notes I've taken while working through various web app pentesting labs.
☆91Apr 26, 2018Updated 7 years ago
Alternatives and similar repositories for Web-App-Hacking-Notes
Users that are interested in Web-App-Hacking-Notes are comparing it to the libraries listed below
Sorting:
- Lab Material for the One-Day Web Application Penetration Testing Fundamentals Course☆10Jun 22, 2021Updated 4 years ago
- The official BBF university.☆10Oct 12, 2017Updated 8 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- ☆10Jul 5, 2020Updated 5 years ago
- security related events, tools, tutorials, cheatsheets, and more.☆11Oct 20, 2015Updated 10 years ago
- list of sql-injection and XSS strings☆113Dec 14, 2015Updated 10 years ago
- Hunting Bugs for Fun and Profit☆273Jul 29, 2020Updated 5 years ago
- Windows 10 Exploit☆30Oct 29, 2018Updated 7 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.☆472Nov 10, 2022Updated 3 years ago
- Takes ip range, Scan all open SSL Certs, Grab Cnames☆113Sep 23, 2018Updated 7 years ago
- 梧桐百科投稿通道☆22May 21, 2018Updated 7 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆93Jun 11, 2023Updated 2 years ago
- This is a backdoor about discover network device ,and it can hidden reverse connecting the hacker's server with encrypt commuication 后渗透后…☆198Aug 29, 2015Updated 10 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆37Nov 8, 2017Updated 8 years ago
- ☆41Jul 23, 2018Updated 7 years ago
- Security conferences talks☆25Jul 10, 2020Updated 5 years ago
- 分享在建设安全管理体系、ISO27001、等级保护、安全评审过程中的点点滴滴☆23Aug 27, 2018Updated 7 years ago
- ☆26Feb 16, 2021Updated 5 years ago
- bug bounty☆11Aug 13, 2023Updated 2 years ago
- Metarget技术交流群分享内容定期存档☆12Oct 22, 2021Updated 4 years ago
- Regular expression Search on the command-line☆16Mar 31, 2025Updated 11 months ago
- Simple script for testing CVE-2016-2402 and similar flaws☆13Mar 30, 2016Updated 9 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- TokyoWesterns CTF 4th 2018 shrine☆12Aug 23, 2019Updated 6 years ago
- Uses Go net/http library to distinguish alive hosts from a give list of hosts/urls☆12Dec 23, 2019Updated 6 years ago
- Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT☆404Feb 20, 2026Updated last week
- Notes as I learn basic AWS penetration testing☆67May 28, 2019Updated 6 years ago
- Use IronPython directly in your code without IronPython DLLs and dependencies☆12Jan 19, 2022Updated 4 years ago
- ☆11May 15, 2020Updated 5 years ago
- LEMPO (Ldap Exposure on POrtainer) is an exploit for CVE-2018-19466 (LDAP Credentials Disclosure on Portainer). Featured @ DevFest Siberi…☆11May 12, 2020Updated 5 years ago
- -notes and scripts for online course OffIOT☆12Jan 19, 2026Updated last month
- My solutions in Python for Corelan's Exploit Writing Tutorials☆13Jun 2, 2016Updated 9 years ago
- 护网杯 2018 WEB (1) easy_tornado☆15Aug 22, 2019Updated 6 years ago
- ☆10Jun 11, 2018Updated 7 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- post exploitation: dll injection, process hollowing, RunPe, Keyloggers, UacByPass, PayloadEncryption etc..☆14Aug 31, 2017Updated 8 years ago
- Some scripts for penetration testing☆30Dec 29, 2018Updated 7 years ago
- Yahoo subdomains for bug bounty☆22Mar 22, 2019Updated 6 years ago