web-penetration-testing
There are 72 repositories under web-penetration-testing topic.
thewhiteh4t/FinalRecon
All In One Web Recon
0xInfection/TIDoS-Framework
The Offensive Manual Web Application Penetration Testing Framework.
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
ivan-sincek/penetration-testing-cheat-sheet
Work in progress...
ivan-sincek/php-reverse-shell
PHP shells that work on Linux OS, macOS, and Windows OS.
Hunterdii/TryHackMe-Roadmap
Hello, aspiring hackers! 🕵️♂️ Here’s a list of 500+ Free TryHackMe rooms to kickstart your cybersecurity journey. These rooms are absolutely free, and I’ve organized them by topic to help you dive in right away. 🛠️
ivan-sincek/forbidden
Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.
D4Vinci/Clickjacking-Tester
A python script designed to check if the website if vulnerable of clickjacking and create a poc
Nabil-Official/N-WEB
WEB PENETRATION TESTING TOOL 💥
t3l3machus/OWASP-Testing-Guide-Checklist
OWASP based Web Application Security Testing Checklist
AngixBlack/Corscan
Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts
ivan-sincek/java-reverse-tcp
JAR, Java, and JSP shells that work on Linux OS, macOS, and Windows OS.
pentagridsec/PentagridScanController
Improve automated and semi-automated active scanning in Burp Pro
MrPr0fessor/Google-Dorks-for-Cross-site-Scripting-XSS
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.
sil3ntH4ck3r/WebVulnLab
Herramienta donde puedes practicar las vulnerabilidades web más conocidas. Email: info@webvulnlab.org
ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
shadforth/pentesterlab-bootcamp
My notes on PentesterLab's Bootcamp series 🕵️
zAbuQasem/MyNotes
My notes from courses,books ..etc
an4kein/_sql_injections
Hello my friends, it is my repo about sql injections. Call me in Telegram: @anakein
whxitte/white-dav
This is a website penetration testing tool for testing webdav server vulnerabilities.
0xrajneesh/Web-Pentesting-Projects-For-Beginners
Beginner-friendly web penetration testing projects for hands-on learning.
ivan-sincek/chad
Search Google Dorks like Chad. / Broken link hijacking tool.
Malwareman007/Hacking_Tools
All Type Of Tools written in multipule language .
fxrhan/Web-Recon-Automation
A bash script to automate the necessary Reconnaissance task for websites.
ivan-sincek/file-scraper
Scrape files for sensitive information, and generate an interactive HTML report. Based on Rabin2.
ivan-sincek/scrapy-scraper
Web crawler and scraper based on Scrapy and Playwright's headless browser.
n0mi1k/cacheblaster
A python tool to test for web cache poisoning denial of service (CPDoS) vulnerabilities.
ivan-sincek/metagoofeel
Web crawler and downloader based on GNU Wget.
ivan-sincek/amounts
Generate a wordlist to fuzz amounts or any other numerical values.
pentagridsec/PentagridResponseOverview
Response Overview Extension for BurpSuite - Find exotic responses by grouping response bodies
thenurhabib/maincoon
MainCoon is an automated recon framework meant for gathering information during penetration testing of web applications.
TorhamDev/Death-engine
A powerful recon tool
fxrhan/all-XSS-Payloads
This is a list contains 7000+ Cross Site Scripting Payloads.
ivan-sincek/nagooglesearch
Not another Google searching tool.
ivan-sincek/jwt-bf
Brute force a JWT token. Script uses multithreading.
pentagridsec/PentagridBurpTransportEncoding
Burp Suite extensions if you want to teach Burp a new Transport-Encoding