Repository navigation
web-application-security
- Website
- Wikipedia
Automated NoSQL database enumeration and web application exploitation tool.
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
The Offensive Manual Web Application Penetration Testing Framework.
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.
🎯 XML External Entity (XXE) Injection Payload List
JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关,提供安全的接入,包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
A collection of FREE cyber security books
List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
A cross-platform python based utility for information gathering and penetration testing automation!
h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
Second-order subdomain takeover scanner
A Security Tool for Enumerating WebSockets
✂️ Removing CDN IPs from the list of IP addresses
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Master cybersecurity skills with this TryHackMe free path, includes a collection of my write-ups, solutions and progress tracking.