WS-Attacker
web service tester
A modular framework for testing web services security vulnerabilities
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).
472 stars
32 watching
117 forks
Language: Java
last commit: about 2 months ago
Linked from 1 awesome list
infoslack/awesome-web-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 jcesarstef/dotdotslash | Automated tool to test website directory traversal vulnerabilities by injecting user-controlled input into URLs and analyzing responses. | 418 |
 0xinfection/tidos-framework | A comprehensive web application penetration testing framework with modules for reconnaissance, enumeration, and vulnerability analysis. | 1,782 |
 sunweb3sec/defivulnlabs | A comprehensive training and testing guide for common smart contract vulnerabilities in DeFi applications | 1,598 |
 webpwnized/mutillidae | A deliberately vulnerable web application providing a controlled environment for learning and practicing web security skills. | 1,267 |
 pownjs/pown | A toolkit for testing and exploiting security vulnerabilities in software written in JavaScript | 259 |
 wallarm/gotestwaf | A tool to assess and evaluate API security solutions by generating malicious requests and simulating attacks on web applications. | 1,557 |
 mandatoryprogrammer/xsshunter | A service designed to test for cross-site scripting (XSS) vulnerabilities in web applications by automatically firing XSS payloads and collecting information about the resulting responses. | 1,491 |
 jobertabma/ground-control | A collection of scripts for debugging security vulnerabilities in web servers | 532 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
 owasp/securityshepherd | A training platform for web and mobile application security testing and learning | 1,348 |
 1n3/intruderpayloads | A collection of tools and methodologies for web application testing and vulnerability assessment. | 3,686 |
 whwlsfb/log4j2scan | A tool that scans websites for Log4j2 remote code execution vulnerabilities using multiple DNS log platforms and supports various scan types | 773 |
 snapview/tungstenite-rs | A lightweight WebSocket implementation for Rust. | 1,924 |
 hahwul/xspear | Automated testing tool for identifying vulnerabilities in web applications via cross-site scripting (XSS) attacks | 1,201 |
 mindpatch/lorsrf | A tool designed to identify parameters in web applications that can be exploited for SSRF or out-of-band resource load attacks. | 289 |