web-security

There are 468 repositories under web-security topic.

  • Mobile-Security-Framework-MobSF

    MobSF/Mobile-Security-Framework-MobSF

    Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

    Language:JavaScript17.5k5791.5k3.2k

  • Hacker0x01/hacker101

    Source code for Hacker101.com - a free online web and mobile security class.

    Language:SCSS13.8k693882.5k
  • SafeLine

    chaitin/SafeLine

    serve as a reverse proxy to protect your web services from attacks and exploits.

    Language:Go13.1k71874810

  • nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

    A list of resources for those interested in getting started in bug bounties

    10.8k572271.9k
  • bunkerweb

    bunkerity/bunkerweb

    🛡️ Open-source and next-generation Web Application Firewall (WAF)

    Language:Python6.6k58445372

  • infoslack/awesome-web-hacking

    A list of web application security

    5.9k248171.2k

  • vavkamil/awesome-bugbounty-tools

    A curated list of various bug bounty tools

    4.3k9415686
  • awesome-nodejs-security

    lirantal/awesome-nodejs-security

    Awesome Node.js Security resources

    2.7k6812240
  • DDoS-Ripper

    palahsu/DDoS-Ripper

    DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

    Language:Python2.2k4571527

  • 0xSobky/HackVault

    A container repository for my public web hacks!

    Language:JavaScript1.9k852274

  • qi4L/JYso

    JNDIExploit or a ysoserial.

    Language:Java1.6k6755189

  • lunasec-io/lunasec

    LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

    Language:TypeScript1.4k29290164

  • WangYihang/GitHacker

    🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

    Language:Python1.4k1426228

  • Ge0rg3/requests-ip-rotator

    A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

    Language:Python1.4k1759140

  • 4ra1n/super-xray

    Web漏洞扫描工具XRAY的GUI启动器

    Language:Java1.3k18158143

  • pushsecurity/saas-attacks

    Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

    1.2k233983
  • cherrybomb

    blst-security/cherrybomb

    Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

    Language:Rust1.2k126482

  • devanshbatham/FavFreak

    Making Favicon.ico based Recon Great again !

    Language:Python1.1k206170

  • chenjj/CORScanner

    🎯 Fast CORS misconfiguration vulnerabilities scanner

    Language:Python1k2117176

  • Zeyad-Azima/Offensive-Resources

    A Huge Learning Resources with Labs For Offensive Security Players

    910331207

  • TypeError/secure

    Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

    Language:Python880151527

  • backdoorhub/shell-backdoor-list

    🎯 PHP / ASP - Shell Backdoor List 🎯

    Language:PHP722335554

  • Lookyloo/lookyloo

    Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

    Language:Python6841820783

  • 4ra1n/mysql-fake-server

    MySQL Fake Server (纯Java实现,支持GUI版和命令行版,提供Dockerfile,支持多种常见JDBC利用)

    Language:Java6837677

  • incredibleindishell/SSRF_Vulnerable_Lab

    This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack

    Language:PHP671195175

  • turbo/openftp4

    A list of all FTP servers in IPv4 that allow anonymous logins.

    64849095

  • tempesta-tech/tempesta

    All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

    Language:C622511.1k103

  • madneal/articles-translator

    :books:Translate the distinct technical blogs. Please star or watch. Welcome to join me.

    62159867
  • Raven-Storm

    Tmpertor/Raven-Storm

    Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

    Language:Python601239170

  • Harmoc/CTFTools

    Personal CTF Toolkit

    5861712136

  • trailofbits/twa

    A tiny web auditor with strong opinions.

    Language:Shell58574653

  • hueristiq/xurlfind3r

    A command-line utility designed to help you discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

    Language:Go56682066

  • Cryin/JavaID

    java source code static code analysis and danger function identify prog

    Language:Python532102115

  • splitline/How-to-Hack-Websites

    開源的正體中文 Web Hacking 學習資源 - 程式安全 2021 Fall

    Language:PHP5097250
  • pyhtools

    dmdhrumilmistry/pyhtools

    A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

    Language:Python49872087

  • 0x4D31/burpa

    Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

    Language:Python481335109