Pinned Repositories
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
anti-xss
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
karma_v2
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
weaponised-XSS-payloads
XSS payloads designed to turn alert(1) into P1
Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
WebSecurity-PenTesting's Repositories
WebSecurity-PenTesting/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
WebSecurity-PenTesting/Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
WebSecurity-PenTesting/anti-xss
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
WebSecurity-PenTesting/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
WebSecurity-PenTesting/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
WebSecurity-PenTesting/karma_v2
⡷⠂𝚔𝚊𝚛𝚖𝚊 𝚟𝟸⠐⢾ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
WebSecurity-PenTesting/recollapse
REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications
WebSecurity-PenTesting/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
WebSecurity-PenTesting/weaponised-XSS-payloads
XSS payloads designed to turn alert(1) into P1
WebSecurity-PenTesting/xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
WebSecurity-PenTesting/AllAboutBugBounty
All about bug bounty (bypasses, payloads, etc.)
WebSecurity-PenTesting/API-Security
OWASP API Security Project
WebSecurity-PenTesting/Application-Security-Engineer-Interview-Questions
Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list, but I felt these questions were important to be asked and some were challenging to answer.
WebSecurity-PenTesting/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️
WebSecurity-PenTesting/AwesomeXSS
Awesome XSS stuff
WebSecurity-PenTesting/Cloud-Security-Attacks
Azure and AWS Attacks
WebSecurity-PenTesting/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
WebSecurity-PenTesting/Mind-Maps
Mind-Maps of Several Things