"topic:websec" — Search

44 results for “topic:websec”

Find web directories without bruteforce

crawlerdirscannerpentestingpythonsecuritysecurity-toolswebsecwithout-bruteforce

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

Go1.6k176Updated 6 days ago

403403-bypassbugbountybypassctfgohttppentestpentestingreconnaissancesecuritytoolwaf-bypasswebsec

deibit/cansina

Web Content Discovery Tool

Python907234Updated 1 year ago

pentestingpythonsecurity-auditwebsec

security-prince/Application-Security-Engineer-Interview-Questions

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

681109Updated 5 years ago

application-securityappsecdevsecopsinfosecinterview-questionssdlcsecurity-engineer-interviewsecurity-engineeringsecurity-teamvulnerabilitywebappsecwebsecwebsecuritywebsecurity-referencexss

l4wio/CTF-challenges-by-me

Pwnable|Web Security|Cryptography CTF-style challenges

CSS43369Updated 2 years ago

cryptographyctfctf-challengesctf-writeupspwnablewebsec

devploit/XORpass

Encoder to bypass WAF filters using XOR operations.

Python25344Updated 3 years ago

bugbountypentestingphpwaf-bypasswebsecxor

devploit/debugHunter

Discover hidden debugging parameters and uncover web application secrets

JavaScript2467Updated 1 month ago

bugbountyctfpentestingwebsec

VainlyStrain/Vailyn

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

Python20024Updated 4 years ago

directory-traversalexploitationfilter-evasioninformation-leaklfilfi-exploitationlfi-shellslocal-file-inclusionpath-traversalpenetration-testingpentest-toolpentestingrcesecuritytakeovervulnerability-assessmentvulnerability-detectionvulnerability-scannerswebsecwebsecurity

doyensec/CSPTPlayground

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

JavaScript15416Updated 11 months ago

appsec-testingcsptcsrfwebsecwebsecurity

security-prince/Resources-for-Application-Security

Some good resources for getting started with application security

14622Updated 4 years ago

application-securityappsecappsec-tutorialsctfinfosecinfosec-referenceowaspphp-securitysecurity-engineeringweb-hackingwebsecwebsecuritywebsecurity-reference

tyki6/MyJWT

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

Python13620Updated 2 months ago

blackarchblackarch-packagesclictfjsonwebtokenjwtpentestpentestingpypipythonrawsecroot-merootmesecuritysecurity-toolswebsec

devploit/put2win

Script to automate PUT HTTP method exploitation to get shell

Shell12528Updated 5 years ago

bashpentestingwebsec

1diot9/MyJavaSecStudy

在Java安全学习过程中的笔记和代码

Java9417Updated 2 days ago

javajavasecuritysecuritywebsecwebsecurity

gbiagomba/Sherlock

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

Shell8712Updated 1 month ago

cyber-securitycybersecurityred-teamred-team-engagementred-teamingredteamredteamingsecuritysecurity-auditsecurity-automationsecurity-scannersecurity-teamsecurity-testingsecurity-toolssherlockweb-sec-scannerweb-securitywebsecwebsecurity

rastating/xss-chefArchived

A web application for generating custom XSS payloads

JavaScript7914Updated 6 years ago

javascriptpenetration-testingreactsecuritywebsecxssxss-exploitxss-exploitation

veliovgroup/ostrio

▲ SEO Middleware • Web Analytics • Web CRON • WebSec • HTTP & SNMP Monitoring • ostr.io is a unified web-services platform

7511Updated 3 weeks ago

analyticsccpadown-detectorgdprmonitoringprerenderingprivacy-policyseosms-notificationssnmpweb-analyticsweb-cronwebcronwebsecwebsecurity

rahulrajpl/netizenship

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

Python4912Updated 3 years ago

cybersecurityinformation-gatheringinformation-retrievalinformation-securityinfosecosint-pythonwebsecwebsecurity

SecuringTheStack/tutorials

Additional Resources For Securing The Stack Tutorials

JavaScript4018Updated 7 years ago

appsecappsec-tutorialscybersecurityinfosecowaspsecure-codingtutorialswebsec

ItsIgnacioPortal/Hacker-Scoper

CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.

Go356Updated 2 months ago

bugbountybugcrowdenumerationfiltergogolanghackeroneinfosecpentestingreconscopessecuritysecurity-toolsshelltoolwebsecwebsecurity

umair9747/4oFour

A tech enumeration toolkit focused on 404 Not found pages.

Go273Updated 1 year ago

bountybug-bountybugbountycybersecuritycybersecurity-toolsethical-hackinginfoseclinuxosintpenetration-testingpentestingreconreconnaissancewebappsecuritywebsecwebsecurity

Crypto-Cat/cryptocat-gitbook

OLD repo for my GitBook (CTF writeups / vuln research / bugbounty) - please check out cryptocat.me/blog for the updated content!

174Updated 2 months ago

appsecbinary-exploitationbugbug-bountycapture-the-flagctfctftimecybersecurityexploit-developmentgitbookhackinginfosecoffsecpwnvulnerability-researchwebsecwriteups

ducdatdau/Writeups

writeups/solvers for CTF challenges

Python91Updated 5 months ago

cryptographyctfpwnablereverse-engineeringwebsec

foospidy/sigsci-power-rules

Rule packs for Signal Sciences power rules platform.

Shell53Updated 6 years ago

appsecpowerrulesrulessignal-sciencessignal-sciences-apisignalsciencessigsciwebsecwebsecurity

vin-hacks/ClaraClassroom

The Clara S. Traversal's classroom is an intermediate level web security challenge (black box) where you will have to exploit both client-side and server-side vulnerability in order to change a student grade. Can you hack the class and get in? Access teacher only features? Do even more than the teacher can? Good luck!

Python50Updated 1 year ago

ctfcybersecurityhackingjavascriptpythonvulnerabilitywebwebhackingwebsec

VulnCode1337/VulnCode

VulnCode: Secure Code Review Training -- This application allows the user to practice identifying vulnerabilities within codeblocks. Each codeblock was engineered to contain a single vulnerability. There are three difficulty levels. Each exercise contains a detailed explanation which becomes available after a correct answer or three wrong answers.

PowerShell40Updated 2 years ago

burpsuite-procppcsharpexpressgolangjavaphppythonrubysecurity-vulnerabilitysource-code-analysisvulnerability-researchwebsec

t0nyc23/condi

Content Discovery/Directory Brute-forcing using Python3

Python40Updated 2 years ago

bruteforcebugbountypython3-reconreconwebsec

alessiovierti/blindpieArchived

Automatically exploit time-based blind SQL injection vulnerabilities

Python31Updated 3 years ago

blind-sql-injectioncybersecurityexploitpythonsql-injectionsqlitime-based-blind-sql-injectionwebsecwebsecurity

Drayko/Web-Elements-List

Lists of elements that compose HTML and SVG structure to fuzz in security testing checks