web-penetration-testing
There are 53 repositories under web-penetration-testing topic.
thewhiteh4t/FinalRecon
All In One Web Recon
0xInfection/TIDoS-Framework
The Offensive Manual Web Application Penetration Testing Framework.
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
ivan-sincek/penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. Based on PycURL and Python Requests.
D4Vinci/Clickjacking-Tester
A python script designed to check if the website if vulnerable of clickjacking and create a poc
Nabil-Official/N-WEB
WEB PENETRATION TESTING TOOL 💥
t3l3machus/OWASP-Testing-Guide-Checklist
OWASP based Web Application Security Testing Checklist
pentagridsec/PentagridScanController
Improve automated and semi-automated active scanning in Burp Pro
ivan-sincek/java-reverse-tcp
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
sil3ntH4ck3r/WebVulnLab
Herramienta donde puedes practicar las vulnerabilidades web más conocidas
an4kein/_sql_injections
Hello my friends, it is my repo about sql injections. Call me in Telegram: @anakein
shadforth/pentesterlab-bootcamp
My notes on PentesterLab's Bootcamp series 🕵️
zAbuQasem/MyNotes
My notes from courses,books ..etc
ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
WH1T3-E4GL3/white-dav
This is a website penetration testing tool for testing webdav server vulnerabilities.
ivan-sincek/chad
Search Google Dorks like Chad. / Social media takeover tool.
MrPr0fessor/Google-Dorks-for-Cross-site-Scripting-XSS
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.
fxrhan/Web-Recon-Automation
A bash script to automate the necessary Reconnaissance task for websites.
Malwareman007/Hacking_Tools
All Type Of Tools written in multipule language .
ivan-sincek/metagoofeel
Web crawler and downloader based on GNU Wget.
thenurhabib/maincoon
MainCoon is an automated recon framework meant for gathering information during penetration testing of web applications.
TorhamDev/Death-engine
A powerful recon tool
fxrhan/all-XSS-Payloads
This is a list contains 7000+ Cross Site Scripting Payloads.
ivan-sincek/jwt-bf
Brute force a JWT token. Script uses multithreading.
pentagridsec/PentagridResponseOverview
Response Overview Extension for BurpSuite
ivan-sincek/dnsrecon-chunked
Brute force subdomains in multiple smaller iterations. Based on DNSRecon.
pavi103/pentest-checklist
comprehensive pentesting checklist.
pentagridsec/PentagridBurpTransportEncoding
Burp Suite extensions if you want to teach Burp a new Transport-Encoding
ivan-sincek/scrapy-scraper
Web crawler and scraper based on Scrapy and Playwright's headless browser.
LighTend3r/generate-file-upload
Generate some payload to bypass restriction when you perform a file upload
purvasingh96/GHCI-2019
:neckbeard: This repository contains slides and notes from my workshop at the Grace Hopper Conference, India (2019).
c0brabaghdad1/cve_Directory
This script take a URL or list of subdomain and the required DIR for specific CVE and give the response code for each url
ivan-sincek/file-scraper
Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.
x86xFX/CORS_exploiter
This tool build for test Cross Origin Sharing vulnerabilities