awesome-web-security
A curated list of Web Security materials and resources.
Awesome Web Security / Digests | |||
Hacker101 | Written by | ||
The Daily Swig - Web security digest | Written by | ||
Web Application Security Zone by Netsparker | Written by | ||
Infosec Newbie | Written by | ||
The Magic of Learning | Written by | ||
CTF Field Guide | Written by | ||
PayloadsAllTheThings | 60,304 | 20 days ago | Written by |
tl;dr sec | Weekly summary of top security tools, blog posts, and security research | ||
Awesome Web Security / Forums | |||
Phrack Magazine | Ezine written by and for hackers | ||
The Hacker News | Security in a serious way | ||
Security Weekly | The security podcast network | ||
The Register | Biting the hand that feeds IT | ||
Dark Reading | Connecting The Information Security Community | ||
HackDig | Dig high-quality web security articles for hacker | ||
Awesome Web Security / Introduction / XSS - Cross-Site Scripting | |||
Cross-Site Scripting – Application Security – Google | Written by | ||
H5SC | 2,844 | over 2 years ago | Written by |
AwesomeXSS | 4,758 | 6 months ago | Written by |
XSS.png | 56 | over 8 years ago | Written by @jackmasa |
C.XSS Guide | Written by and | ||
THE BIG BAD WOLF - XSS AND MAINTAINING ACCESS | Written by | ||
payloadbox/xss-payload-list | 6,193 | 3 months ago | Written by |
PayloadsAllTheThings - XSS Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Prototype Pollution | |||
Prototype pollution attack in NodeJS application | 513 | 4 months ago | Written by |
Exploiting prototype pollution – RCE in Kibana (CVE-2019-7609) | Written by | ||
Real-world JS - 1 | Written by | ||
Awesome Web Security / Introduction / CSV Injection | |||
CSV Injection -> Meterpreter on Pornhub | Written by | ||
The Absurdly Underestimated Dangers of CSV Injection | Written by | ||
PayloadsAllTheThings - CSV Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / SQL Injection | |||
SQL Injection Cheat Sheet | Written by | ||
SQL Injection Wiki | Written by | ||
SQL Injection Pocket Reference | Written by | ||
payloadbox/sql-injection-payload-list | 4,834 | 3 months ago | Written by |
PayloadsAllTheThings - SQL Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Command Injection | |||
Potential command injection in resolv.rb | 21,953 | 12 days ago | Written by |
payloadbox/command-injection-payload-list | 2,907 | 3 months ago | Written by |
PayloadsAllTheThings - Command Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / ORM Injection | |||
HQL for pentesters | Written by | ||
HQL : Hyperinsane Query Language (or how to access the whole SQL API within a HQL injection ?) | Written by | ||
ORM2Pwn: Exploiting injections in Hibernate ORM | Written by | ||
ORM Injection | Written by | ||
Awesome Web Security / Introduction / FTP Injection | |||
Advisory: Java/Python FTP Injections Allow for Firewall Bypass | Written by | ||
SMTP over XXE – how to send emails using Java's XML parser | Written by | ||
Awesome Web Security / Introduction / XXE - XML eXternal Entity | |||
XXE | Written by | ||
XML external entity (XXE) injection | Written by | ||
XML Schema, DTD, and Entity Attacks | Written by and Omar Al Ibrahim | ||
payloadbox/xxe-injection-payload-list | 1,069 | 3 months ago | Written by |
PayloadsAllTheThings - XXE Injection | 60,304 | 20 days ago | Written by various contributors |
Awesome Web Security / Introduction / CSRF - Cross-Site Request Forgery | |||
Wiping Out CSRF | Written by | ||
PayloadsAllTheThings - CSRF Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Clickjacking | |||
Clickjacking | Written by | ||
X-Frame-Options: All about Clickjacking? | 67 | about 2 years ago | Written by |
Awesome Web Security / Introduction / SSRF - Server-Side Request Forgery | |||
SSRF bible. Cheatsheet | Written by | ||
PayloadsAllTheThings - Server-Side Request Forgery | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Web Cache Poisoning | |||
Practical Web Cache Poisoning | Written by | ||
PayloadsAllTheThings - Web Cache Deception | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Relative Path Overwrite | |||
Large-scale analysis of style injection by relative path overwrite | Written by | ||
MBSD Technical Whitepaper - A few RPO exploitation techniques | Written by | ||
Awesome Web Security / Introduction / Open Redirect | |||
Open Redirect Vulnerability | Written by | ||
payloadbox/open-redirect-payload-list | 512 | 3 months ago | Written by |
PayloadsAllTheThings - Open Redirect | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Security Assertion Markup Language (SAML) | |||
How to Hunt Bugs in SAML; a Methodology - Part I | Written by | ||
How to Hunt Bugs in SAML; a Methodology - Part II | Written by | ||
How to Hunt Bugs in SAML; a Methodology - Part III | Written by | ||
PayloadsAllTheThings - SAML Injection | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Upload | |||
File Upload Restrictions Bypass | Written by | ||
PayloadsAllTheThings - Upload Insecure Files | 60,304 | 20 days ago | Written by |
Awesome Web Security / Introduction / Rails | |||
Rails Security - First part | Written by | ||
Zen Rails Security Checklist | 1,810 | over 4 years ago | Written by |
Rails SQL Injection | Written by | ||
Official Rails Security Guide | Written by | ||
Awesome Web Security / Introduction / AngularJS | |||
XSS without HTML: Client-Side Template Injection with AngularJS | Written by | ||
DOM based Angular sandbox escapes | Written by | ||
Awesome Web Security / Introduction / ReactJS | |||
XSS via a spoofed React element | Written by | ||
Awesome Web Security / Introduction / SSL/TLS | |||
SSL & TLS Penetration Testing | Written by | ||
Practical introduction to SSL/TLS | 564 | about 1 month ago | Written by |
Awesome Web Security / Introduction / Webmail | |||
Why mail() is dangerous in PHP | Written by | ||
Awesome Web Security / Introduction / NFS | |||
NFS | PENETRATION TESTING ACADEMY | Written by | ||
Awesome Web Security / Introduction / AWS | |||
PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET | Written by Dwight Hohnstein from | ||
AWS PENETRATION TESTING PART 1. S3 BUCKETS | Written by | ||
AWS PENETRATION TESTING PART 2. S3, IAM, EC2 | Written by | ||
Misadventures in AWS | Written by Christian Demko | ||
Awesome Web Security / Introduction / Azure | |||
Common Azure Security Vulnerabilities and Misconfigurations | Written by | ||
Cloud Security Risks (Part 1): Azure CSV Injection Vulnerability | Written by | ||
Awesome Web Security / Introduction / Sub Domain Enumeration | |||
A penetration tester's guide to sub-domain enumeration | Written by | ||
The Art of Subdomain Enumeration | Written by | ||
Awesome Web Security / Introduction / Crypto | |||
Applied Crypto Hardening | Written by | ||
What is a Side-Channel Attack ? | Written by | ||
Awesome Web Security / Introduction / Web Shell | |||
Hunting for Web Shells | Written by | ||
Hacking with JSP Shells | Written by | ||
Awesome Web Security / Introduction / OSINT | |||
Hacking Cryptocurrency Miners with OSINT Techniques | Written by | ||
OSINT x UCCU Workshop on Open Source Intelligence | Written by | ||
102 Deep Dive in the Dark Web OSINT Style Kirby Plessas | Presented by | ||
The most complete guide to finding anyone's email | Written by | ||
Awesome Web Security / Introduction / DNS Rebinding | |||
Attacking Private Networks from the Internet with DNS Rebinding | Written by | ||
Hacking home routers from the Internet | Written by | ||
Awesome Web Security / Introduction / Deserialization | |||
What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability. | Written by | ||
Attacking .NET deserialization | Written by | ||
.NET Roulette: Exploiting Insecure Deserialization in Telerik UI | Written by | ||
How to exploit the DotNetNuke Cookie Deserialization | Written by | ||
HOW TO EXPLOIT LIFERAY CVE-2020-7961 : QUICK JOURNEY TO POC | Written by | ||
Awesome Web Security / Introduction / OAuth | |||
Introduction to OAuth 2.0 and OpenID Connect | Written by | ||
What is going on with OAuth 2.0? And why you should not use it for authentication. | Written by | ||
Awesome Web Security / Introduction / JWT | |||
Hardcoded secrets, unverified tokens, and other common JWT mistakes | Written by | ||
Awesome Web Security / Evasions / XXE | |||
Bypass Fix of OOB XXE Using Different encoding | Written by | ||
Awesome Web Security / Evasions / CSP | |||
Any protection against dynamic module import? | 207 | 27 days ago | Written by |
CSP: bypassing form-action with reflected XSS | Written by | ||
TWITTER XSS + CSP BYPASS | Written by | ||
Neatly bypassing CSP | Written by | ||
Evading CSP with DOM-based dangling markup | Written by | ||
GitHub's CSP journey | Written by | ||
GitHub's post-CSP journey | Written by | ||
Awesome Web Security / Evasions / WAF | |||
Web Application Firewall (WAF) Evasion Techniques | Written by | ||
Web Application Firewall (WAF) Evasion Techniques #2 | Written by | ||
Airbnb – When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight Vulnerabilities | Written by | ||
How to bypass libinjection in many WAF/NGWAF | Written by | ||
Awesome Web Security / Evasions / JSMVC | |||
JavaScript MVC and Templating Frameworks | Written by | ||
Awesome Web Security / Evasions / Authentication | |||
Trend Micro Threat Discovery Appliance - Session Generation Authentication Bypass (CVE-2016-8584) | Written by and | ||
Awesome Web Security / Tricks / CSRF | |||
Neat tricks to bypass CSRF-protection | Written by | ||
Exploiting CSRF on JSON endpoints with Flash and redirects | Written by | ||
Stealing CSRF tokens with CSS injection (without iFrames) | 315 | over 6 years ago | Written by |
Cracking Java's RNG for CSRF - Javax Faces and Why CSRF Token Randomness Matters | Written by | ||
If HttpOnly You Could Still CSRF… Of CORS you can! | Written by | ||
Awesome Web Security / Tricks / Clickjacking | |||
Clickjackings in Google worth 14981.7$ | Written by | ||
Awesome Web Security / Tricks / Remote Code Execution | |||
CVE-2019-1306: ARE YOU MY INDEX? | Written by | ||
WebLogic RCE (CVE-2019-2725) Debug Diary | Written by Badcode@Knownsec 404 Team | ||
What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability. | Written by | ||
Exploiting Node.js deserialization bug for Remote Code Execution | Written by | ||
DRUPAL 7.X SERVICES MODULE UNSERIALIZE() TO RCE | Written by | ||
How we exploited a remote code execution vulnerability in math.js | Written by | ||
GitHub Enterprise Remote Code Execution | Written by | ||
Evil Teacher: Code Injection in Moodle | Written by | ||
How I Chained 4 vulnerabilities on GitHub Enterprise, From SSRF Execution Chain to RCE! | Written by | ||
$36k Google App Engine RCE | Written by | ||
Poor RichFaces | Written by | ||
Remote Code Execution on a Facebook server | Written by | ||
Awesome Web Security / Tricks / XSS | |||
Exploiting XSS with 20 characters limitation | Written by | ||
Upgrade self XSS to Exploitable XSS an 3 Ways Technic | Written by | ||
XSS without parentheses and semi-colons | Written by | ||
XSS-Auditor – the protector of unprotected and the deceiver of protected. | Written by | ||
Query parameter reordering causes redirect page to render unsafe URL | Written by | ||
ECMAScript 6 from an Attacker's Perspective - Breaking Frameworks, Sandboxes, and everything else | Written by | ||
How I found a $5,000 Google Maps XSS (by fiddling with Protobuf) | Written by | ||
DON'T TRUST THE DOM: BYPASSING XSS MITIGATIONS VIA SCRIPT GADGETS | Written by , , and | ||
Uber XSS via Cookie | Written by | ||
DOM XSS – auth.uber.com | Written by | ||
Stored XSS on Facebook | Written by | ||
XSS in Google Colaboratory + CSP bypass | Written by | ||
Another XSS in Google Colaboratory | Written by | ||
is filtered ? | Written by | ||
$20000 Facebook DOM XSS | Written by | ||
Awesome Web Security / Tricks / SQL Injection | |||
MySQL Error Based SQL Injection Using EXP | Written by | ||
SQL injection in an UPDATE query - a bug bounty story! | Written by | ||
GitHub Enterprise SQL Injection | Written by | ||
Making a Blind SQL Injection a little less blind | Written by | ||
Red Team Tales 0x01: From MSSQL to RCE | Written by | ||
SQL INJECTION AND POSTGRES - AN ADVENTURE TO EVENTUAL RCE | Written by | ||
Awesome Web Security / Tricks / NoSQL Injection | |||
GraphQL NoSQL Injection Through JSON Types | Written by | ||
Awesome Web Security / Tricks / FTP Injection | |||
XML Out-Of-Band Data Retrieval | Written by and Alexey Osipov | ||
XXE OOB exploitation at Java 1.7+ | Written by | ||
Awesome Web Security / Tricks / XXE | |||
Evil XML with two encodings | Written by | ||
XXE in WeChat Pay Sdk ( WeChat leave a backdoor on merchant websites) | Written by | ||
XML Out-Of-Band Data Retrieval | Written by Timur Yunusov and Alexey Osipov | ||
XXE OOB exploitation at Java 1.7+ (2014) | Exfiltration using FTP protocol - Written by | ||
XXE OOB extracting via HTTP+FTP using single opened port | Written by | ||
What You Didn't Know About XML External Entities Attacks | Written by | ||
Pre-authentication XXE vulnerability in the Services Drupal module | Written by | ||
Forcing XXE Reflection through Server Error Messages | Written by | ||
Exploiting XXE with local DTD files | Written by | ||
Automating local DTD discovery for XXE exploitation | Written by | ||
Awesome Web Security / Tricks / SSRF | |||
AWS takeover through SSRF in JavaScript | Written by | ||
SSRF in Exchange leads to ROOT access in all instances | Written by | ||
SSRF to ROOT Access | A $25k bounty for SSRF leading to ROOT Access in all instances by | ||
PHP SSRF Techniques | Written by | ||
SSRF in https://imgur.com/vidgif/url | Written by | ||
All you need to know about SSRF and how may we write tools to do auto-detect | Written by | ||
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! | Written by | ||
SSRF Tips | Written by | ||
Into the Borg – SSRF inside Google production network | Written by | ||
Piercing the Veil: Server Side Request Forgery to NIPRNet access | Written by | ||
Awesome Web Security / Tricks / Web Cache Poisoning | |||
Bypassing Web Cache Poisoning Countermeasures | Written by | ||
Cache poisoning and other dirty tricks | Written by | ||
Awesome Web Security / Tricks / Header Injection | |||
Java/Python FTP Injections Allow for Firewall Bypass | Written by | ||
Awesome Web Security / Tricks / URL | |||
Some Problems Of URLs | Written by | ||
Phishing with Unicode Domains | Written by | ||
Unicode Domains are bad and you should feel bad for supporting them | Written by | ||
[dev.twitter.com] XSS | Written by | ||
Awesome Web Security / Tricks / Deserialization | |||
ASP.NET resource files (.RESX) and deserialisation issues | Written by | ||
Awesome Web Security / Tricks / OAuth | |||
Facebook OAuth Framework Vulnerability | Written by | ||
Awesome Web Security / Tricks / Others | |||
How I hacked Google's bug tracking system itself for $15,600 in bounties | Written by | ||
Some Tricks From My Secret Group | Written by | ||
Inducing DNS Leaks in Onion Web Services | 42 | about 6 years ago | Written by |
Stored XSS, and SSRF in Google using the Dataset Publishing Language | Written by | ||
Awesome Web Security / Browser Exploitation / Frontend (SOP bypass, URL spoofing and similar issues) | |||
The world of Site Isolation and compromised renderer | Written by | ||
The Cookie Monster in Your Browsers | Written by | ||
Bypassing Mobile Browser Security For Fun And Profit | Written by | ||
The inception bar: a new phishing method | Written by | ||
JSON hijacking for the modern web | Written by | ||
IE11 Information disclosure - local file detection | Written by James Lee | ||
SOP bypass / UXSS – Stealing Credentials Pretty Fast (Edge) | Written by | ||
Safari's Peculiarities in Client-Side Attacks | Written by | ||
How do we Stop Spilling the Beans Across Origins? | Written by and | ||
Setting arbitrary request headers in Chromium via CRLF injection | Written by | ||
I'm harvesting credit card numbers and passwords from your site. Here's how. | Written by | ||
Sending arbitrary IPC messages via overriding Function.prototype.apply | Written by | ||
Take Advantage of Out-of-Scope Domains in Bug Bounty Programs | Written by | ||
Awesome Web Security / Browser Exploitation / Backend (the browser engine itself, usually the C or C++ code) | |||
Breaking UC Browser | Written by | ||
Attacking JavaScript Engines - A case study of JavaScriptCore and CVE-2016-4622 | Written by | ||
Three roads lead to Rome | Written by | ||
Exploiting a V8 OOB write. | Written by | ||
SSD Advisory – Chrome Turbofan Remote Code Execution | Written by | ||
Look Mom, I don't use Shellcode - Browser Exploitation Case Study for Internet Explorer 11 | Written by | ||
PUSHING WEBKIT'S BUTTONS WITH A MOBILE PWN2OWN EXPLOIT | Written by | ||
A Methodical Approach to Browser Exploitation | Written by | ||
CVE-2017-2446 or JSC::JSGlobalObject::isHavingABadTime. | Written by | ||
CLEANLY ESCAPING THE CHROME SANDBOX | Written by | ||
A Methodical Approach to Browser Exploitation | Written by , and | ||
Awesome Web Security / PoCs / Database | |||
js-vuln-db | 2,276 | about 5 years ago | Collection of JavaScript engine CVEs with PoCs by |
awesome-cve-poc | 3,301 | almost 3 years ago | Curated list of CVE PoCs by |
Some-PoC-oR-ExP | 2,371 | 8 months ago | Collection of PoCs and exploits for various vulnerabilities, collected or written by |
uxss-db | 684 | over 3 years ago | Collection of UXSS CVEs with PoCs by |
SPLOITUS | Exploits & Tools Search Engine by | ||
Exploit Database | ultimate archive of Exploits, Shellcode, and Security Papers by | ||
Awesome Web Security / Cheatsheets | |||
XSS Cheat Sheet - 2018 Edition | Written by | ||
Capture the Flag CheatSheet | 42 | 4 months ago | Written by |
Awesome Web Security / Tools / Auditing | |||
prowler | 10,641 | 5 days ago | Tool for AWS security assessment, auditing and hardening by |
slurp | 2 | about 2 years ago | Evaluate the security of S3 buckets by |
A2SV | 618 | almost 4 years ago | Auto Scanning to SSL Vulnerability by |
Awesome Web Security / Tools / Command Injection | |||
commix | 4,531 | 4 days ago | Automated All-in-One OS command injection and exploitation tool by |
Awesome Web Security / Tools / Reconnaissance | |||
Shodan | Shodan is the world's first search engine for Internet-connected devices by | ||
Censys | Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet by | ||
urlscan.io | Service which analyses websites and the resources they request by | ||
ZoomEye | Cyberspace Search Engine by | ||
FOFA | Cyberspace Search Engine by | ||
NSFOCUS | THREAT INTELLIGENCE PORTAL by NSFOCUS GLOBAL | ||
Photon | 10,931 | about 2 months ago | Incredibly fast crawler designed for OSINT by |
FOCA | 2,916 | almost 2 years ago | FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans by |
SpiderFoot | Open source footprinting and intelligence-gathering tool by | ||
xray | 2,190 | 3 months ago | XRay is a tool for recon, mapping and OSINT gathering from public networks by |
gitrob | 5,902 | about 2 years ago | Reconnaissance tool for GitHub organizations by |
GSIL | 2,119 | 10 months ago | Github Sensitive Information Leakage by |
raven | 773 | over 4 years ago | raven is a LinkedIn information gathering tool that pentesters can use to gather information about an organization's employees via LinkedIn by |
ReconDog | 1,793 | over 3 years ago | Reconnaissance Swiss Army Knife by |
Databases - start.me | Various databases which you can use for your OSINT research by | ||
peoplefindThor | The easy way to find people on Facebook by postkassen | ||
tinfoleak | 1,919 | over 5 years ago | The most complete open-source tool for Twitter intelligence analysis by |
Raccoon | 3,075 | 4 months ago | High performance offensive security tool for reconnaissance and vulnerability scanning by |
Social Mapper | 3,772 | over 2 years ago | Social Media Enumeration & Correlation Tool by Jacob Wilkin (Greenwolf) by |
espi0n/Dockerfiles | 38 | about 6 years ago | Dockerfiles for various OSINT tools by |
Sublist3r | 9,713 | 2 months ago | Sublist3r is a multi-threaded sub-domain enumeration tool for penetration testers by |
EyeWitness | 11 | 4 months ago | EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible by |
subDomainsBrute | 3,460 | about 2 years ago | A simple and fast sub domain brute tool for pentesters by |
AQUATONE | 5,605 | over 2 years ago | Tool for Domain Flyovers by |
domain_analyzer | 1,842 | almost 2 years ago | Analyze the security of any domain by finding all the information possible by |
VirusTotal domain information | Searching for domain information by | ||
Certificate Transparency | 869 | about 1 year ago | Google's Certificate Transparency project fixes several structural flaws in the SSL certificate system by |
Certificate Search | Enter an Identity (Domain Name, Organization Name, etc), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by | ||
GSDF | 175 | over 6 years ago | Domain searcher named GoogleSSLdomainFinder by |
Awesome Web Security / Tools / Code Generating | |||
VWGen | 83 | almost 7 years ago | Vulnerable Web applications Generator by |
Awesome Web Security / Tools / Fuzzing | |||
wfuzz | 5,879 | about 2 months ago | Web application bruteforcer by |
charsetinspect | 25 | over 8 years ago | Script that inspects multi-byte character sets looking for characters with specific user-defined properties by |
IPObfuscator | 137 | about 2 years ago | Simple tool to convert the IP to a DWORD IP by |
domato | 1,673 | about 1 month ago | DOM fuzzer by |
FuzzDB | 8,160 | 11 months ago | Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery |
dirhunt | 1,750 | 11 months ago | Web crawler optimized for searching and analyzing the directory structure of a site by |
ssltest | Online service that performs a deep analysis of the configuration of any SSL web server on the public internet. Provided by | ||
fuzz.txt | 2,853 | about 2 months ago | Potentially dangerous files by |
Awesome Web Security / Tools / Scanning | |||
wpscan | 8,520 | 27 days ago | WPScan is a black box WordPress vulnerability scanner by |
JoomlaScan | 210 | about 1 year ago | Free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan by |
WAScan | An open source web application security scanner that uses the "black-box" method, created by | ||
Nuclei | 20,069 | 9 days ago | Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use by |
Awesome Web Security / Tools / Penetration Testing | |||
Burp Suite | Burp Suite is an integrated platform for performing security testing of web applications by | ||
TIDoS-Framework | 1,768 | over 1 year ago | A comprehensive web application audit framework to cover up everything from Reconnaissance and OSINT to Vulnerability Analysis by |
Astra | 2,486 | 4 months ago | Automated Security Testing For REST API's by |
aws_pwn | 1,165 | about 1 year ago | A collection of AWS penetration testing junk by |
grayhatwarfare | Public buckets by | ||
Awesome Web Security / Tools / Offensive | |||
beef | 9,717 | 21 days ago | The Browser Exploitation Framework Project by |
JShell | 508 | over 5 years ago | Get a JavaScript shell with XSS by |
XSStrike | 13,203 | 2 months ago | XSStrike is a program which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs by |
xssor2 | 2,122 | almost 3 years ago | XSS'OR - Hack with JavaScript by |
csp evaluator | A tool for evaluating content-security-policies by | ||
sqlmap | 32,113 | 11 days ago | Automatic SQL injection and database takeover tool |
tplmap | 3,746 | 6 months ago | Code and Server-Side Template Injection Detection and Exploitation Tool by |
dtd-finder | 601 | 8 months ago | List DTDs and generate XXE payloads using those local DTDs by |
XSRFProbe | 1,100 | 5 months ago | The Prime CSRF Audit & Exploitation Toolkit by |
Open redirect/SSRF payload generator | Open redirect/SSRF payload generator by | ||
Awesome Web Security / Tools / Leaking | |||
HTTPLeaks | 1,966 | 17 days ago | All possible ways, a website can leak HTTP requests by |
dvcs-ripper | 1,694 | 3 months ago | Rip web accessible (distributed) version control systems: SVN/GIT/HG... by |
DVCS-Pillage | 312 | over 7 years ago | Pillage web accessible GIT, HG and BZR repositories by |
GitMiner | 2,086 | about 4 years ago | Tool for advanced mining for content on Github by |
gitleaks | 17,494 | 10 days ago | Searches full repo history for secrets and keys by |
CSS-Keylogging | 3,211 | over 6 years ago | Chrome extension and Express server that exploits keylogging abilities of CSS by |
pwngitmanager | 106 | over 8 years ago | Git manager for pentesters by |
snallygaster | 2,053 | 2 months ago | Tool to scan for secret files on HTTP servers by |
LinkFinder | 3,647 | 6 months ago | Python script that finds endpoints in JavaScript files by |
Awesome Web Security / Tools / Detecting | |||
sqlchop | SQL injection detection engine by | ||
xsschop | XSS detection engine by | ||
retire.js | 3,663 | 10 days ago | Scanner detecting the use of JavaScript libraries with known vulnerabilities by |
malware-jail | 458 | over 1 year ago | Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction by |
repo-supervisor | 633 | over 1 year ago | Scan your code for security misconfiguration, search for passwords and secrets |
bXSS | 501 | over 1 year ago | bXSS is a simple Blind XSS application adapted from by |
OpenRASP | 2,771 | 4 months ago | An open source RASP solution actively maintained by Baidu Inc. With its context-aware detection algorithm the project achieves nearly no false positives, and less than 3% performance reduction is observed under heavy server load |
GuardRails | A GitHub App that provides security feedback in Pull Requests | ||
Awesome Web Security / Tools / Preventing | |||
DOMPurify | 13,749 | 10 days ago | DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG by |
js-xss | 5,206 | 7 months ago | Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist by |
Acra | 1,350 | 19 days ago | Client-side encryption engine for SQL databases, with strong selective encryption, SQL injections prevention and intrusion detection by |
Csper | A set of tools for building/evaluating/monitoring content-security-policy to prevent/detect cross site scripting by | ||
Awesome Web Security / Tools / Proxy | |||
Charles | HTTP proxy / HTTP monitor / Reverse Proxy that enables a developer to view all of the HTTP and SSL / HTTPS traffic between their machine and the Internet | ||
mitmproxy | 36,030 | 14 days ago | Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers by |
Awesome Web Security / Tools / Webshell | |||
nano | 432 | over 4 years ago | Family of code golfed PHP shells by |
webshell | 10,038 | 6 months ago | Open source webshell collection by |
Weevely | 3,167 | 5 months ago | Weaponized web shell by |
Webshell-Sniper | 419 | over 3 years ago | Manage your website via terminal by |
Reverse-Shell-Manager | 237 | over 1 year ago | Reverse Shell Manager via Terminal |
reverse-shell | 1,842 | 9 months ago | Reverse Shell as a Service by |
PhpSploit | 2,195 | 5 months ago | Full-featured C2 framework which silently persists on webserver via evil PHP oneliner by |
Awesome Web Security / Tools / Disassembler | |||
plasma | 3,050 | about 3 years ago | Plasma is an interactive disassembler for x86/ARM/MIPS by |
radare2 | 20,462 | 3 days ago | Unix-like reverse engineering framework and commandline tools by |
Iaito | 1,465 | over 3 years ago | Qt and C++ GUI for radare2 reverse engineering framework by |
Awesome Web Security / Tools / Decompiler | |||
CFR | Another java decompiler by | ||
Awesome Web Security / Tools / DNS Rebinding | |||
DNS Rebind Toolkit | 482 | about 3 years ago | DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network (LAN) by |
dref | 479 | over 3 years ago | DNS Rebinding Exploitation Framework. Dref does the heavy-lifting for DNS rebinding by |
Singularity of Origin | 1,025 | 4 months ago | It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine's IP address and to serve attack payloads to exploit vulnerable software on the target machine by |
Whonow DNS Server | 620 | almost 3 years ago | A malicious DNS server for executing DNS Rebinding attacks on the fly by |
Awesome Web Security / Tools / Others | |||
Dnslogger | DNS Logger by | ||
CyberChef | 28,680 | about 2 months ago | The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by |
ntlm_challenger | 140 | almost 2 years ago | Parse NTLM over HTTP challenge messages by |
cefdebug | 194 | over 4 years ago | Minimal code to connect to a CEF debugger by |
ctftool | 1,640 | about 3 years ago | Interactive CTF Exploration Tool by |
Awesome Web Security / Social Engineering Database | |||
haveibeenpwned | Check if you have an account that has been compromised in a data breach by | ||
Awesome Web Security / Blogs | |||
Orange | Taiwan's talented web penetrator | ||
leavesongs | China's talented web penetrator | ||
James Kettle | Head of Research at | ||
Broken Browser | Fun with Browser Vulnerabilities | ||
Scrutiny | Internet Security through Web Browsers by Dhiraj Mishra | ||
BRETT BUERHAUS | Vulnerability disclosures and rambles on application security | ||
n0tr00t | ~# n0tr00t Security Team | ||
OpnSec | Open Mind Security! | ||
RIPS Technologies | Write-ups for PHP vulnerabilities | ||
0Day Labs | Awesome bug-bounty and challenges writeups | ||
Blog of Osanda | Security Researching and Reverse Engineering | ||
Awesome Web Security / Twitter Users | |||
@HackwithGitHub | Initiative to showcase open source hacking tools for hackers and pentesters | ||
@filedescriptor | Active penetrator often tweets and writes useful articles | ||
@cure53berlin | A German cybersecurity firm | ||
@XssPayloads | The wonderland of JavaScript unexpected usages, and more | ||
@kinugawamasato | Japanese web penetrator | ||
@h3xstream | Security Researcher, interested in web security, crypto, pentest, static analysis but most of all, samy is my hero | ||
@garethheyes | English web penetrator | ||
@hasegawayosuke | Japanese javascript security researcher | ||
@shhnjk | Web and Browsers Security Researcher | ||
Awesome Web Security / Practices / Application | |||
OWASP Juice Shop | 10,213 | 14 days ago | Probably the most modern and sophisticated insecure web application - Written by and the team |
BadLibrary | 57 | 9 months ago | Vulnerable web application for training - Written by |
Hackxor | Realistic web application hacking game - Written by | ||
SELinux Game | Learn SELinux by doing. Solve Puzzles, show skillz - Written by | ||
Portswigger Web Security Academy | Free trainings and labs - Written by | ||
Awesome Web Security / Practices / AWS | |||
FLAWS | Amazon AWS CTF challenge - Written by | ||
CloudGoat | 2,910 | 10 days ago | Rhino Security Labs' "Vulnerable by Design" AWS infrastructure setup tool - Written by |
Awesome Web Security / Practices / XSS | |||
XSS game | Google XSS Challenge - Written by Google | ||
prompt(1) to win | Complex 16-Level XSS Challenge held in summer 2014 (+4 Hidden Levels) - Written by | ||
alert(1) to win | Series of XSS challenges - Written by | ||
XSS Challenges | Series of XSS challenges - Written by yamagata21 | ||
Awesome Web Security / Practices / ModSecurity / OWASP ModSecurity Core Rule Set | |||
ModSecurity / OWASP ModSecurity Core Rule Set | Series of tutorials to install, configure and tune ModSecurity and the Core Rule Set - Written by | ||
Awesome Web Security / Community | |||
Stack Overflow | |||
Awesome Web Security / Miscellaneous | |||
awesome-bug-bounty | 4,579 | 9 months ago | Comprehensive curated list of available Bug Bounty & Disclosure Programs and write-ups by |
bug-bounty-reference | 3,710 | 2 months ago | List of bug bounty write-ups categorized by bug type by |
Google VRP and Unicorns | Written by | ||
Brute Forcing Your Facebook Email and Phone Number | Written by | ||
Pentest + Exploit dev Cheatsheet wallpaper | Penetration Testing and Exploit Dev CheatSheet | ||
The Definitive Security Data Science and Machine Learning Guide | Written by Jason Trost | ||
EQGRP | 4,093 | over 7 years ago | Decrypted content of eqgrp-auction-file.tar.xz by |
notes | 1,265 | about 5 years ago | Some public notes by |
A glimpse into GitHub's Bug Bounty workflow | Written by | ||
Cybersecurity Campaign Playbook | Written by | ||
Infosec_Reference | 5,535 | 4 months ago | Information Security Reference That Doesn't Suck by |
Internet of Things Scanner | Check if your internet-connected devices at home are public on Shodan by | ||
The Bug Hunters Methodology v2.1 | Written by | ||
$7.5k Google services mix-up | Written by | ||
How I exploited ACME TLS-SNI-01 issuing Let's Encrypt SSL-certs for any domain using shared hosting | Written by | ||
TL:DR: VPN leaks users' IPs via WebRTC. I've tested seventy VPN providers and 16 of them leaks users' IPs via WebRTC (23%) | Written by | ||
Escape and Evasion Egressing Restricted Networks | Written by | ||
Be careful what you copy: Invisibly inserting usernames into text with Zero-Width Characters | Written by | ||
Domato Fuzzer's Generation Engine Internals | Written by | ||
CSS Is So Overpowered It Can Deanonymize Facebook Users | Written by | ||
Introduction to Web Application Security | Written by , and | ||
Finding The Real Origin IPs Hiding Behind CloudFlare or TOR | Written by | ||
Why Facebook's api starts with a for loop | Written by | ||
How I could have stolen your photos from Google - my first 3 bug bounty writeups | Written by | ||
An example why NAT is NOT security | Written by | ||
WEB APPLICATION PENETRATION TESTING NOTES | Written by | ||
Hacking with a Heads Up Display | Written by | ||
Alexa Top 1 Million Security - Hacking the Big Ones | Written by | ||
The bug bounty program that changed my life | Written by | ||
List of bug bounty writeups | Written by | ||
Implications of Loading .NET Assemblies | Written by | ||
WCTF2019: Gyotaku The Flag | Written by | ||
How we abused Slack's TURN servers to gain access to internal services | Written by | ||
DOS File Path Magic Tricks | Written by | ||
How I got my first big bounty payout with Tesla | Written by |