Repository navigation

#

webpentest

thewhiteh4t/FinalRecon
thewhiteh4t / FinalRecon 

All In One Web Recon

Pythonpentestingpentest-toolpentesting-toolswebpentestreconnaissanceweb-reconnaissanceweb-penetration-testingssl-certificatetraceroutewhois爬虫headerssubdomain-enumerationport-scanning
Python
2504
4 个月前
olizimmermann / s3dns 

Find S3 AWS/GCP/Azure buckets while surfing. S3DNS acts as DNS server, follows CNAMEs and matches any bucket pattern

bucketenumerationpentesterpentestingwebpentestReconnaissancereconnaissance
Python
87
14 小时前
HalilDeniz / PathFinder 

Web Path Finder

Pythonvulnerabilitywhoispathfinder安全Webweb-toolswebpentestwebsecuritywhois-lookup
Python
62
2 年前
AngixBlack / Corscan 

Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attempts

Test automationBug Bountybugbounty-toolCross-origin resource sharing (CORS)cors-vulnerabilityvulnerability-detectionvulnerability-scannersweb-penetration-testingwebpentestwebsecurity
Python
61
2 个月前
J4FSec / HaccTheHub 

Open source self-hosted cyber security learning platform

安全webpentestpentesting
TypeScript
53
3 年前
mamgad / DVBLab 

This course uses a deliberately vulnerable banking application to demonstrate common security vulnerabilities, their impact, and how to fix them. The application is built with Flask (backend) and React (frontend).

codereviewFlaskpentestPython安全ctfctf-challengesctf-writeupseducational-projectdvwaHackingwebpentest
JavaScript
50
4 个月前
txuswashere / pentesting 

CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, Network Security, Privilege escalation, Exploiting, Reversing, Secure Code, Bug Bounty, ...

active-directoryauditauditingcloudsecuritycyber-securityCybersecurityHackingpurple-teampurpleteamHackathon-KitwebpentestOSINTpentestingpentesting-toolsBug Bountyreversingnetworksecurity
27
2 年前
cyberstruggle / whitepass 

Whitepass Bypass Whitelist/Ratelimit Implementations in Web Applications/APIs

api-fuzzingwebpentestappsecFuzzing/Fuzz testingwebsecurity
Python
26
4 年前
Anof-cyber / pentest-recon 

Web application pentesting recon

pentestingWeb appreconnaissanceinformation-extractionwebpentestBug Bounty
Shell
23
5 年前
MedhatHassan / CyberTalents 

The CyberTalents repository is a collection of solutions and write-ups for challenges sourced from the CyberTalents platform. Organized topic, this repository serves as a resource for cybersecurity enthusiasts seeking to enhance their skills and understanding of security concepts.

CryptographyCybersecurity逆向工程webpentest
Python
12
2 个月前
InfoSecWarrior / Subdomain-Takeovers 

This repository discusses the subdomain takeover vulnerability and lists of services which are vulnerable to it. It also provides information, methodology and resources to perform subdomain takeover attacks.

Bug Bountysubdomain-takeoversubdomainswebpentesttakeover
HTML
11
2 年前
TorhamDev / Death-engine 

A powerful recon tool

Reconnaissanceinformation-gatheringhacking-toolgoogle-dorksscannerweb-hackingwebhacking爬虫pentestingpentesting-toolsport-scanningPythonweb-penetration-testingwhoisrecon-toolswebpentest
Python
11
3 年前
defensahacker / viewstate-decoder 

Small tool to decode ASP.NET __VIEWSTATE variable when doing webpentests

aspethical-hackingwebpentestpentestingBug Bounty
Python
11
4 年前
Serhatcck / hidden_fuzzer 

Hidden Fuzzer is a URL fuzzing tool designed to uncover hidden paths and resources on web applications. It features multithreading, customizable HTTP headers, and request parameters for optimized performance.

Bug Bountybugbounty-toolFuzzing/Fuzz testingpentest-tool安全webpentest
Go
7
8 个月前
krishealty / knockknock 

A Simple Tool to gather information from any website, domain, sub-domain, DNS, links by enumeration with simple commands.

kali-linuxLinuxpenetration-testingpentestingport-scanningreconnaissancesubdomain-enumerationTermuxWebweb-penetration-testingweb-reconnaissancewebpentestwebsite-developmentexploitationHackingpentesting-toolsssl-certificateshacking-tools
Go
6
1 年前
Fadavvi / BurpPro-FastCrawler 

The simplest way to integrate your subdomain enum outputs with Burp Pro (Fast Crawler)

burpsuiteburpwebhackingbugbounty-toolwebpentest
Python
6
3 年前
xpl0ited1 / postMessageFinderBurpSuite 

This extension allows you to detect implementations of postMessage function, addEventListener("message",function) event handler and onMessage function.

burpsuiteburpsuite-extenderDocument Object Model (DOM)xssxss-vulnerabilityxss-exploitationxss-detectionBug Bountybugbounty-toolpentest-toolwebpentestJavaScriptportswigger
Python
4
4 年前
austinsonger / sitemapsandrobotsaroundtheweb 

Sitemaps and Robots.txt for websites around the world.

Hackingrobots-txt安全security-researchethical-hackingpenetration-testingreconnaissanceOSINTBug Bountyfootprintingscanningwebpentestinformation-gatheringsitemapsitemap-xmlsearchsearching
4
5 年前
m3z0diac / spaceBox 

a simple vulnerable web applications, gain access then capture the flag.

ctfctf-challengeswebpentest
PHP
4
4 年前
defensahacker / URLSUCKER 

Sucks all embedded URLs from a given URI or file. Ideal to parse URLs from CSS or JavaScript (such as API calls, webservices, ;)

webpentestethical-hackingpentesting
Perl
3
4 年前