webappsec
There are 33 repositories under webappsec topic.
devanshbatham/FavFreak
Making Favicon.ico based Recon Great again !
bl4de/security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
zaproxy/community-scripts
A collection of ZAP scripts and tips provided by the community - pull requests very welcome!
olacabs/jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
security-prince/Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
softrams/bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
OWASP/www-project-code-review-guide
OWASP Code Review Guide Web Repository
thomaspatzke/WASE
The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
Dhamuharker/Xss-
Awesome XSS Payloads
snsttr/diwa
A Deliberately Insecure Web Application
VainlyStrain/Vaile
Metasploit-like pentest framework derived from TIDoS (https://github.com/0xInfection/TIDoS-Framework)
ekoparty/ekolabs
EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference
OWASP/www-project-vulnerable-web-applications-directory
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
scriptkkiddie/WebAppSec-Testing
ScriptKKiddie's WebAppSec Testing or Web Application Security Testing based on OWASP is a repository that contains useful resources, & stuffs helpful for Web Application Penetration Testing. By @ScriptKKiddie
kingthorin/neonmarker
Continuation of the ZAP Neonmarker add-on previously by Juha Kivekäs
fagci/webmap
Web applications info gatherer
umair9747/infosec-arsenal
A curated list of tools which you can use in Infosec!
0xPugal/HackTheWeb
Things to do while Hacking/Hunting in Web Applications
decal/zap-attack
:zap: Conduct attacks based on information gathered from the OWASP ZAP API
Humoud/BurpThenFuzz
Analyzes and fuzzes requests that are stored in Burp Suite's history
decal/cgiaudit
:package: general-purpose, "black box" CGI auditing tool (ARCHIVE)
wille/reporting-api
Collect Content Security Policy, COEP, COOP, Document-Policy, Crash reports, Deprecation reports, Intervention reports and Network Error Logging
aashishsec/portProbe
portProbe is a tool designed to efficiently probe for open ports. It will take both IP Address and Subdomains.
HarshilPatel007/webappsec
web application penetration testing and security notes.
OWASP/www-chapter-ottawa
OWASP Foundation Web Respository for the Ottawa Ontario Chapter
aashishsec/docks
Enter your domain in the search box to get Docks (Google, Shodan and Github) for bug bounty
approov/web-quickstart-fingerprintjs-javascript
Approov API Threat protection integration with FingerprintJS for Web Apps
approov/web-quickstart-google-recaptcha-v3-javascript
Approov API Threat Protection integration with Google reCAPTCHA V3 for Web Apps
approov/web-quickstart-hcaptcha-javascript
Approov API Threat Protection integration with hCaptcha for Web Apps
kingthorin/kingthorin
@kingthorin's profile repo
MarcoG3/BruteUploader
Tool designed to find location of newly uploaded file when not given by the website.
stavinski/gowac
Go Web Auth Checker (gowac) can be used to discover URLs that have access control issues