Notes I've taken while working through various web app pentesting labs.
☆91Apr 26, 2018Updated 7 years ago
Alternatives and similar repositories for Web-App-Hacking-Notes
Users that are interested in Web-App-Hacking-Notes are comparing it to the libraries listed below
Sorting:
- The official BBF university.☆10Oct 12, 2017Updated 8 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆23Apr 28, 2019Updated 6 years ago
- ☆10Jul 5, 2020Updated 5 years ago
- Collection of scripts that aid in penetration testing of JSON Web Tokens☆59Feb 2, 2019Updated 7 years ago
- security related events, tools, tutorials, cheatsheets, and more.☆11Oct 20, 2015Updated 10 years ago
- Hunting Bugs for Fun and Profit☆276Jul 29, 2020Updated 5 years ago
- list of sql-injection and XSS strings☆113Dec 14, 2015Updated 10 years ago
- TokyoWesterns CTF 4th 2018 shrine☆12Aug 23, 2019Updated 6 years ago
- Bug Bounty Guide is a launchpad for bug bounty programs and bug bounty hunters.☆472Nov 10, 2022Updated 3 years ago
- OWASP practice lab, just a few copy/pastes away. Fully stacked and ready to go with Docker☆21Oct 13, 2018Updated 7 years ago
- Virtual host wordlist☆52Jan 12, 2021Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Jan 22, 2018Updated 8 years ago
- ☆26Feb 16, 2021Updated 5 years ago
- Uses Go net/http library to distinguish alive hosts from a give list of hosts/urls☆12Dec 23, 2019Updated 6 years ago
- 护网杯 2018 WEB (1) easy_tornado☆15Aug 22, 2019Updated 6 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- Takes ip range, Scan all open SSL Certs, Grab Cnames☆113Sep 23, 2018Updated 7 years ago
- ☆10Jun 11, 2018Updated 7 years ago
- ☆11May 15, 2020Updated 5 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆93Jun 11, 2023Updated 2 years ago
- XSS Hunter Burp Plugin☆151Aug 31, 2018Updated 7 years ago
- An entry level resource to learning bug bounty.☆28Apr 11, 2018Updated 7 years ago
- Offensive tool for guessing Active Directory credentials via Kerberos☆10Jan 1, 2024Updated 2 years ago
- Extracting URLs of a specific target based on the results of "commoncrawl.org"☆275Dec 4, 2025Updated 3 months ago
- Regular expression Search on the command-line☆16Mar 31, 2025Updated 11 months ago
- ☆41Jul 23, 2018Updated 7 years ago
- Yahoo subdomains for bug bounty☆22Mar 22, 2019Updated 6 years ago
- Notes as I learn basic AWS penetration testing☆67May 28, 2019Updated 6 years ago
- Windows 10 Exploit☆30Oct 29, 2018Updated 7 years ago
- Writeups of CTFLearn Challenges , by EdbR - EladBeber☆15Feb 21, 2026Updated last month
- A little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.☆166Nov 6, 2019Updated 6 years ago
- My bug bounty notes☆35Apr 10, 2021Updated 4 years ago
- CTF Writeups☆12Feb 25, 2023Updated 3 years ago
- Metarget技术交流群分享内容定期存档☆12Oct 22, 2021Updated 4 years ago
- API research and learning☆12May 22, 2019Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- This is a backdoor about discover network device ,and it can hidden reverse connecting the hacker's server with encrypt commuication 后渗透后…☆198Aug 29, 2015Updated 10 years ago
- 分享在建设安全管理体系、ISO27001、等级保护、安全评审过程中的点点滴滴☆23Aug 27, 2018Updated 7 years ago
- vulnerable single sign on☆149Aug 1, 2024Updated last year