WS-Attacker
web service tester
A modular framework for testing web services security vulnerabilities
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).
476 stars
32 watching
117 forks
Language: Java
last commit: 2 months ago
Linked from 1 awesome list
infoslack/awesome-web-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 jcesarstef/dotdotslash | Automated tool to test website directory traversal vulnerabilities by injecting user-controlled input into URLs and analyzing responses. | 422 |
 0xinfection/tidos-framework | A comprehensive web application penetration testing framework with modules for reconnaissance, enumeration, and vulnerability analysis. | 1,786 |
 sunweb3sec/defivulnlabs | A comprehensive training and testing guide for common smart contract vulnerabilities in DeFi applications | 1,633 |
 webpwnized/mutillidae | An intentionally vulnerable web application designed to aid in learning and practicing web security skills | 1,279 |
 pownjs/pown | A toolkit for testing and exploiting security vulnerabilities in software written in JavaScript | 260 |
 wallarm/gotestwaf | A tool to assess and evaluate API security solutions by generating malicious requests and simulating attacks on web applications. | 1,574 |
 mandatoryprogrammer/xsshunter | A service designed to test for cross-site scripting (XSS) vulnerabilities in web applications by automatically firing XSS payloads and collecting information about the resulting responses. | 1,499 |
 jobertabma/ground-control | A collection of scripts for debugging security vulnerabilities in web servers | 533 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
 owasp/securityshepherd | A training platform for web and mobile application security testing and learning | 1,353 |
 1n3/intruderpayloads | A collection of Burpsuite and other web application testing tools and methodologies | 3,695 |
 whwlsfb/log4j2scan | A tool that scans websites for Log4j2 remote code execution vulnerabilities using multiple DNS log platforms and supports various scan types | 775 |
 snapview/tungstenite-rs | A lightweight WebSocket implementation for Rust. | 1,944 |
 hahwul/xspear | Automated testing tool for identifying vulnerabilities in web applications via cross-site scripting (XSS) attacks | 1,213 |
 mindpatch/lorsrf | A tool designed to identify parameters in web applications that can be exploited for SSRF or out-of-band resource load attacks. | 291 |