A checklist of important security issues you should consider when creating a web application.
☆424May 10, 2021Updated 4 years ago
Alternatives and similar repositories for WebDeveloperSecurityChecklist
Users that are interested in WebDeveloperSecurityChecklist are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆85Oct 15, 2022Updated 3 years ago
- Nashorn Post Exploitation☆32Feb 12, 2018Updated 8 years ago
- Windows Privesc Check☆19May 20, 2014Updated 11 years ago
- Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution☆20Sep 2, 2015Updated 10 years ago
- Evil snippets of Underhanded Red Team tactics☆11Jul 5, 2017Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Spray SMB with hashes, Then psexec☆32Jul 3, 2019Updated 6 years ago
- Upgrade your netcat shell today!☆58Jul 11, 2017Updated 8 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38May 16, 2017Updated 8 years ago
- Vulnerable Windows Driver with exploits which were used for demonstration purposes on Hunting and exploiting bugs in kernel drivers prese…☆13Jan 29, 2013Updated 13 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Docker Automated Build for Security Testing Tools☆14Apr 8, 2022Updated 4 years ago
- Damn Vulnerable Node Application☆20Dec 22, 2015Updated 10 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆42Mar 14, 2017Updated 9 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- ☆26Jul 18, 2017Updated 8 years ago
- Python script to check GitHub accounts for world-editable wiki pages☆21May 8, 2023Updated 2 years ago
- Distributed password cracker for operating over high latency networks of loosely coupled hosts.☆13Jul 30, 2013Updated 12 years ago
- A lab for playing with NoSQL Injection☆134Feb 23, 2026Updated last month
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- Reverse or bind shell catcher which uprgrades the caught shell to be more like a regular shell☆26Mar 17, 2019Updated 7 years ago
- Pentest Lab on OpenStack with Heat, Chef provisioning and Docker☆382Nov 2, 2017Updated 8 years ago
- ☆21Nov 13, 2019Updated 6 years ago
- The great TCP Gender Changer (tgcd) tool compiled for Windows☆14Apr 18, 2016Updated 10 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Vulnerable Linux socket game for educational purposes☆22Apr 22, 2017Updated 8 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 4 years ago
- Checklist of the most important security countermeasures when designing, testing, and releasing your API☆23,208Feb 10, 2026Updated 2 months ago
- Microsoft Office / COM Object DLL Planting☆15May 14, 2016Updated 9 years ago
- NMAP NSE that enumerates VNC authentication types☆17Dec 21, 2010Updated 15 years ago
- DHCP Snooping app - great for finding rogue DHCP servers☆35Jan 25, 2018Updated 8 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- MoneyX is an intentionally vulnerable JSP application used for training developers in application security concepts.☆31May 10, 2016Updated 9 years ago
- Nameserver DNS poisoning attacks made easy☆525Feb 26, 2017Updated 9 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A horizontal and vertical web content enumerator☆50Apr 7, 2026Updated last week
- Exploitation for XSS☆730Aug 5, 2021Updated 4 years ago
- SubdomainDB is a simple self-hosted API that allows you to maintain your own subdomain database.☆30Jan 8, 2018Updated 8 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆159Jul 10, 2025Updated 9 months ago
- Web Application Firewall For Limited Exploitation☆17Nov 15, 2017Updated 8 years ago
- Tool to tackle problematic dangling domains in Amazon Web Services.☆14Oct 11, 2017Updated 8 years ago
- AV Bypass☆29Jan 12, 2018Updated 8 years ago