wisec / OWASP-Testing-Guide-v5
The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.
☆75Updated 5 years ago
Alternatives and similar repositories for OWASP-Testing-Guide-v5:
Users that are interested in OWASP-Testing-Guide-v5 are comparing it to the libraries listed below
- The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters☆101Updated last year
- BurpSuite using the document and some extensions☆68Updated 4 years ago
- Workshop given at Hack in Paris 2019☆121Updated last year
- Vulnerable SAML infrastructure training applicaiton☆51Updated 2 years ago
- A list of "secrets" from JWT sample code and readme files.☆54Updated 4 years ago
- Automatically modify the User-Agent header in all Burp requests☆55Updated 7 years ago
- ☆71Updated 4 years ago
- HTTP parameter discovery suite.☆61Updated 4 years ago
- ☆80Updated 3 years ago
- ☆76Updated 4 years ago
- GraphQL security workshop labs☆102Updated 8 months ago
- OSWE Preparation☆37Updated 5 years ago
- ☆29Updated 3 years ago
- A Tool for Domain Flyovers☆100Updated 4 months ago
- Data from my Sunday streams☆74Updated 5 years ago
- Penetration Test Methodology☆15Updated this week
- Various Payload wordlists☆235Updated 4 years ago
- XSS Payload without Anything.☆103Updated 5 years ago
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.☆154Updated last week
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- A python based blind SQL injection exploitation script☆136Updated 5 years ago
- Notes for CRTP☆40Updated 4 years ago
- This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities☆90Updated last year
- A simple Cherry Tree template that can be used to organize bug bounties☆37Updated 5 years ago
- A tool geared towards pentesting APIs using OpenAPI definitions.☆174Updated 2 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 6 years ago
- A Burp Suite Extension for parsing Project Files from the CLI.☆87Updated 6 months ago
- This script is intended to automate your reconnaissance process in an organized fashion☆39Updated 7 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆75Updated 2 years ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated last year