awesome-web-hacking

Web Security Guide

A comprehensive resource for learning web application security

A list of web application security


Books

http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/8126533404/ The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
http://www.amazon.com/Hacking-Web-Apps-Preventing-Application/dp/159749951X/ Hacking Web Apps: Detecting and Preventing Web Application Security Problems
http://www.amazon.com/Hacking-Exposed-Web-Applications-Third/dp/0071740643/ Hacking Exposed Web Applications
http://www.amazon.com/SQL-Injection-Attacks-Defense-Second/dp/1597499633/ SQL Injection Attacks and Defense
http://www.amazon.com/Tangled-Web-Securing-Modern-Applications/dp/1593273886/ The Tangled WEB: A Guide to Securing Modern Web Applications
http://www.amazon.com/Web-Application-Obfuscation-Evasion-Filters/dp/1597496049/ Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-'
http://www.amazon.com/XSS-Attacks-Scripting-Exploits-Defense/dp/1597491543/ XSS Attacks: Cross Site Scripting Exploits and Defense
http://www.amazon.com/Browser-Hackers-Handbook-Wade-Alcorn/dp/1118662091/ The Browser Hacker’s Handbook
http://www.amazon.com/Basics-Web-Hacking-Techniques-Attack/dp/0124166008/ The Basics of Web Hacking: Tools and Techniques to Attack the Web
http://www.amazon.com/Web-Penetration-Testing-Kali-Linux/dp/1782163166/ Web Penetration Testing with Kali Linux
http://www.amazon.com/Web-Application-Security-Beginners-Guide/dp/0071776168/ Web Application Security, A Beginner's Guide
https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ Hacking: The Art of Exploitation
https://www.crypto101.io/ Crypto 101 is an introductory course on cryptography
http://www.offensive-security.com/metasploit-unleashed/ Metasploit Unleashed
http://www.cl.cam.ac.uk/~rja14/book.html Security Engineering
https://www.feistyduck.com/library/openssl-cookbook/ OpenSSL Cookbook
https://www.manning.com/books/real-world-cryptography Learn and apply cryptographic techniques
https://www.manning.com/books/making-sense-of-cyber-security A guide to the key concepts, terminology, and technologies of cybersecurity perfect for anyone planning or implementing a security strategy
https://www.manning.com/books/cyber-security-career-guide Kickstart a career in cyber security by learning how to adapt your existing technical and non-technical skills
https://www.manning.com/books/secret-key-cryptography A book about cryptographic techniques and Secret Key methods
https://www.manning.com/books/application-security-program-handbook This practical book is a one-stop guide to implementing a robust application security program
https://www.manning.com/books/cyber-threat-hunting Practical guide to cyber threat hunting
https://nostarch.com/bug-bounty-bootcamp Bug Bounty Bootcamp
https://nostarch.com/hacking-apis Hacking APIs
https://www.manning.com/books/grokking-web-application-security A book about building web apps that are ready for and resilient to any attack

Documentation

https://www.owasp.org/ Open Web Application Security Project
http://www.pentest-standard.org/ Penetration Testing Execution Standard
http://www.binary-auditing.com/ Dr. Thorsten Schneider’s Binary Auditing
https://appsecwiki.com/ Application Security Wiki is an initiative to provide all Application security related resources to Security Researchers and developers at one place

Tools

https://www.deepinfo.com/ Deepinfo Attack Surface Platform discovers all your digital assets, monitors them 24/7, detects any issues, and notifies you quickly so you can take immediate action
https://spyse.com/ OSINT search engine that provides fresh data about the entire web, stores all of it in its own database, cross-links the findings and offers some useful extra features
http://www.metasploit.com/ World's most used penetration testing software
https://findsubdomains.com Online subdomain scanner service with lots of additional data; works using OSINT
https://github.com/bjeborn/basic-auth-pot HTTP Basic Authentication honeypot
http://www.arachni-scanner.com/ Web Application Security Scanner Framework
https://github.com/sullo/nikto Nikto web server scanner
http://www.tenable.com/products/nessus-vulnerability-scanner Nessus Vulnerability Scanner
http://www.portswigger.net/burp/intruder.html Burp Intruder is a tool for automating customized attacks against web apps
http://www.openvas.org/ The world's most advanced Open Source vulnerability scanner and manager
https://github.com/iSECPartners/Scout2 Security auditing tool for AWS environments
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project DirBuster is a multi-threaded Java application designed to brute force directory and file names on web/application servers
https://www.owasp.org/index.php/ZAP The Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications
https://github.com/tecknicaltom/dsniff dsniff is a collection of tools for network auditing and penetration testing
https://github.com/WangYihang/Webshell-Sniper Manage your webshell via terminal
https://github.com/DanMcInerney/dnsspoof DNS spoofer. Drops DNS responses from the router and replaces them with a spoofed DNS response
https://github.com/trustedsec/social-engineer-toolkit The Social-Engineer Toolkit (SET) repository from TrustedSec
https://github.com/sqlmapproject/sqlmap Automatic SQL injection and database takeover tool
https://github.com/beefproject/beef The Browser Exploitation Framework Project
http://w3af.org/ w3af is a Web Application Attack and Audit Framework
https://github.com/espreto/wpsploit WPSploit, Exploiting WordPress With Metasploit
https://github.com/WangYihang/Reverse-Shell-Manager Reverse shell manager via terminal
https://github.com/RUB-NDS/WS-Attacker WS-Attacker is a modular framework for web services penetration testing
https://github.com/wpscanteam/wpscan WPScan is a black box WordPress vulnerability scanner
http://sourceforge.net/projects/paros/ Paros proxy
https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project Web Scarab proxy
https://code.google.com/p/skipfish/ Skipfish, an active web application security reconnaissance tool
http://www.acunetix.com/vulnerability-scanner/ Acunetix Web Vulnerability Scanner
https://cystack.net/ CyStack Web Security Platform
http://www-03.ibm.com/software/products/en/appscan IBM Security AppScan
https://www.netsparker.com/web-vulnerability-scanner/ Netsparker web vulnerability scanner
http://www8.hp.com/us/en/software-solutions/webinspect-dynamic-analysis-dast/index.html HP Web Inspect
https://github.com/sensepost/wikto Wikto - Nikto for Windows with some extra features
http://samurai.inguardians.com Samurai Web Testing Framework
https://code.google.com/p/ratproxy/ Ratproxy
http://www.websecurify.com Websecurify
http://sourceforge.net/projects/grendel/ Grendel-scan
https://tools.kali.org/web-applications/gobuster Directory/file and DNS busting tool written in Go
http://www.edge-security.com/wfuzz.php Wfuzz
http://wapiti.sourceforge.net wapiti
https://github.com/neuroo/grabber Grabber
https://subgraph.com/vega/ Vega
http://websecuritytool.codeplex.com Watcher passive web scanner
http://xss.codeplex.com x5s XSS and Unicode transformations security testing assistant
http://www.beyondsecurity.com/avds AVDS Vulnerability Assessment and Management
http://www.golismero.com Golismero
http://www.ikare-monitoring.com IKare
http://www.nstalker.com N-Stalker X
https://www.rapid7.com/products/nexpose/index.jsp Nexpose
http://www.rapid7.com/products/appspider/ App Spider
http://www.milescan.com ParosPro
https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ Qualys Web Application Scanning
http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ Retina
https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework
https://github.com/future-architect/vuls Vulnerability scanner for Linux, agentless, written in Go
https://github.com/rastating/wordpress-exploit-framework A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems
http://www.xss-payloads.com/ XSS Payloads to leverage XSS vulnerabilities, build custom payloads, practice penetration testing skills
https://github.com/joaomatosf/jexboss JBoss (and other Java deserialization vulnerabilities) verification and exploitation tool
https://github.com/commixproject/commix Automated all-in-one OS command injection and exploitation tool
https://github.com/pathetiq/BurpSmartBuster A Burp Suite content discovery plugin that adds the "smart" to the Buster
https://github.com/GoSecure/csp-auditor Burp and ZAP plugin to analyze CSP headers
https://github.com/ffleming/timing_attack Perform timing attacks against web applications
https://github.com/lalithr95/fuzzapi Fuzzapi is a tool used for REST API pentesting
https://github.com/owtf/owtf Offensive Web Testing Framework (OWTF)
https://github.com/nccgroup/wssip Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa
https://github.com/PalindromeLabs/STEWS Tool suite for WebSocket discovery, fingerprinting, and vulnerability detection
https://github.com/tijme/angularjs-csti-scanner Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS)
https://reshift.softwaresecured.com A source code analysis tool for detecting and managing Java security vulnerabilities
https://encoding.tools Web app for transforming binary data and strings, including hashes and various encodings. GPLv3 offline version available
https://gchq.github.io/CyberChef/ A "Cyber Swiss Army Knife" for carrying out various encodings and transformations of binary data and strings
https://github.com/urbanadventurer/WhatWeb WhatWeb - Next generation web scanner
https://www.shodan.io/ Shodan - The search engine for finding vulnerable servers
https://github.com/nil0x42/phpsploit PhpSploit - Full-featured C2 framework which silently persists on a web server via an evil PHP one-liner
https://webhint.io/ webhint - webhint is a customizable linting tool that helps you improve your site's accessibility, speed, cross-browser compatibility, and more by checking your code for best practices and common errors
https://gtfobins.github.io/ gtfobins - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
https://github.com/HightechSec/git-scanner git-scanner - A tool for bug hunting or pentesting that targets websites with publicly exposed Git repositories
Web Application Exploitation @ Rawsec Inventory Complete list of web pentesting tools
Cyclops is a novel browser that can detect vulnerabilities automatically Cyclops is a web browser with an XSS detection feature
https://caido.io/ Web proxy
https://github.com/assetnote/kiterunner API discovery
https://github.com/owasp-amass/amass Domain recon
https://columbus.elmasy.com/ Columbus Project is an advanced subdomain discovery service with a fast, powerful and easy to use API
BadUSB Script To Exfiltrate Passwords Extracts all saved passwords from Chrome, Firefox, and Edge to be saved onto a secondary USB for further analysis
https://github.com/flibustier/jwt-online-cracker Brute-force HS256, HS384 or HS512 JWT tokens from your browser (fully client-side)

Cheat Sheets

http://n0p.net/penguicon/php_app_sec/mirror/xss.html XSS cheatsheet
https://highon.coffee/blog/lfi-cheat-sheet/ LFI Cheat Sheet
https://highon.coffee/blog/reverse-shell-cheat-sheet/ Reverse Shell Cheat Sheet
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ SQL Injection Cheat Sheet
https://www.gracefulsecurity.com/path-traversal-cheat-sheet-windows/ Path Traversal Cheat Sheet: Windows

Docker images for Penetration Testing

official Kali Linux
official BlackArch Linux
official OWASP ZAP
official WPScan
docker-metasploit
Damn Vulnerable Web Application (DVWA)
OWASP Juice Shop
Vulnerable WordPress Installation
Vulnerability as a service: Shellshock
Vulnerability as a service: Heartbleed
Security Ninjas
Arch Linux Penetration Tester
Docker Bench for Security
OWASP Security Shepherd
OWASP WebGoat Project docker image
OWASP WrongSecrets Project docker image
OWASP Mutillidae II Web Pen-Test Practice Application
Docker for pentest
The Modern Port Scanner

Vulnerabilities

http://cve.mitre.org/ Common Vulnerabilities and Exposures. The Standard for Information Security Vulnerability Names
https://www.exploit-db.com/ The Exploit Database – ultimate archive of Exploits, Shellcode, and Security Papers
http://0day.today/ Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals
http://www.securityfocus.com/ Since its inception in 1999, SecurityFocus has been a mainstay in the security community
http://packetstormsecurity.com/ Global Security Resource
https://wpvulndb.com/ WPScan Vulnerability Database
https://snyk.io/vuln/ Vulnerability DB, Detailed information and remediation guidance for known vulnerabilities
https://stellastra.com/cipher-suite Database of hundreds of TLS cipher suites and their security status
https://vulncheck.com/xdb/ An index of exploit proof-of-concept code in Git repositories

Courses

https://www.offensive-security.com/information-security-training/advanced-web-attack-and-exploitation/ Offensive Security Advanced Web Attacks and Exploitation (live)
https://www.sans.org/course/web-app-penetration-testing-ethical-hacking Sans SEC542: Web App Penetration Testing and Ethical Hacking
https://www.sans.org/course/advanced-web-app-penetration-testing-ethical-hacking Sans SEC642: Advanced Web App Penetration Testing and Ethical Hacking
http://opensecuritytraining.info/ Open Security Training
http://securitytrainings.net/security-trainings/ Security Exploded Training
http://www.securitytube.net/ World’s largest Infosec and Hacking Portal
https://www.hacker101.com/ Free class for web security by
https://www.darkrelay.com/courses/professional-penetration-tester Zero-Hero style Pentesting course by

Online Hacking Demonstration Sites

http://testasp.vulnweb.com/ Acunetix ASP test and demonstration site
http://testaspnet.vulnweb.com/ Acunetix ASP.Net test and demonstration site
http://testphp.vulnweb.com/ Acunetix PHP test and demonstration site
http://crackme.cenzic.com/kelev/view/home.php Crack Me Bank
http://zero.webappsecurity.com/ Zero Bank
http://demo.testfire.net/ Altoro Mutual
https://public-firing-range.appspot.com/ Firing Range is a test bed for automated web application security scanners
https://xss-game.appspot.com/ XSS challenge
https://google-gruyere.appspot.com/ Google Gruyere, web application exploits and defenses
https://ginandjuice.shop/catalog
https://pentest-ground.com/ Pentest-Ground is a free playground with deliberately vulnerable web applications and network services
HackSimulator is a GPT created by in which ChatGPT 4 acts as a hacking CTF. This GPT asks for your experience level and what you would like to improve on, then simulates a machine/application for you to hack into, using the chat box as the place to enter terminal commands. Since it runs through AI, it changes and adjusts based on your experience level, and you can ask for help if you get stuck

Labs

https://portswigger.net/web-security Web Security Academy: Free Online Training from PortSwigger
http://www.cis.syr.edu/~wedu/seed/all_labs.html Developing Instructional Laboratories for Computer SEcurity EDucation
https://www.vulnhub.com/ Virtual Machines for Localhost Penetration Testing
https://pentesterlab.com/ PentesterLab is an easy and great way to learn penetration testing
https://github.com/jerryhoff/WebGoat.NET This web application is a learning platform about common web security flaws
http://www.dvwa.co.uk/ Damn Vulnerable Web Application (DVWA)
http://sourceforge.net/projects/lampsecurity/ LAMPSecurity Training
https://github.com/Audi-1/sqli-labs SQL injection labs for practising error-based, blind boolean-based and time-based injection
https://github.com/paralax/lfi-labs Small set of PHP scripts to practice exploiting LFI, RFI and command injection vulnerabilities
https://hack.me/ Build, host and share vulnerable web apps in a sandboxed environment for free
http://azcwr.org/az-cyber-warfare-ranges Free live fire Capture the Flag, blue team, red team Cyber Warfare Range for beginners through advanced users. Must use a cell phone to send a text message requesting access to the range
https://github.com/adamdoupe/WackoPicko WackoPicko is a vulnerable web application used to test web application vulnerability scanners
https://github.com/rapid7/hackazon Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today's rich client and mobile applications
https://github.com/RhinoSecurityLabs/cloudgoat Rhino Security Labs' "Vulnerable by Design" AWS infrastructure setup tool
https://www.hackthebox.eu/ Hack The Box is an online platform allowing you to test and advance your skills in cyber security
https://github.com/tegal1337/0l4bs 0l4bs is a set of cross-site scripting labs for web application security enthusiasts
https://github.com/oliverwiegers/pentest_lab Local pentest lab leveraging docker compose
https://ginandjuice.shop/catalog
https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application
https://labex.io/skilltrees/cybersecurity LabEx is an online platform for enhancing your cyber security skills through hands-on labs

SSL

https://www.ssllabs.com/ssltest/index.html This service performs a deep analysis of the configuration of any SSL web server on the public Internet
http://certdb.com/ SSL/TLS data provider service. Collects data about digital certificates (issuers, organisation, whois, expiration dates, etc.) and has handy filters for convenience
https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html Strong SSL Security on nginx
https://weakdh.org/ Weak Diffie-Hellman and the Logjam Attack
https://letsencrypt.org/ Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open
https://filippo.io/Heartbleed/ A checker (site and tool) for CVE-2014-0160 (Heartbleed)
https://testssl.sh/ A command line tool which checks a website's TLS/SSL ciphers, protocols and cryptographic flaws

Security Ruby on Rails

http://brakemanscanner.org/ A static analysis security vulnerability scanner for Ruby on Rails applications
https://github.com/rubysec/ruby-advisory-db A database of vulnerable Ruby Gems
https://github.com/rubysec/bundler-audit Patch-level verification for Bundler
https://github.com/hakirisec/hakiri_toolbelt Hakiri Toolbelt is a command line interface for the Hakiri platform
https://hakiri.io/facets Scan Gemfile.lock for vulnerabilities
http://rails-sqli.org/ This page lists many query methods and options in ActiveRecord which do not sanitize raw SQL arguments and are not intended to be called with unsafe user input
https://github.com/0xsauby/yasuo A Ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
