WS-Attacker
web service tester
A modular framework for testing web services security vulnerabilities
WS-Attacker is a modular framework for web services penetration testing. It is developed by the Chair of Network and Data Security, Ruhr University Bochum (https://nds.rub.de/ ) and the Hackmanit GmbH (https://www.hackmanit.de/).
476 stars
32 watching
117 forks
Language: Java
last commit: 4 months ago
Linked from 1 awesome list
infoslack/awesome-web-hackingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 jcesarstef/dotdotslash | Automated tool to test website directory traversal vulnerabilities by injecting user-controlled input into URLs and analyzing responses. | 422 |
 0xinfection/tidos-framework | A comprehensive web application penetration testing framework with modules for reconnaissance, enumeration, and vulnerability analysis. | 1,787 |
 sunweb3sec/defivulnlabs | A comprehensive training and testing guide for common smart contract vulnerabilities in DeFi applications | 1,640 |
 webpwnized/mutillidae | An intentionally vulnerable web application designed to aid in learning and practicing web security skills | 1,282 |
 pownjs/pown | A toolkit for testing and exploiting security vulnerabilities in software written in JavaScript | 260 |
 wallarm/gotestwaf | A tool to assess and evaluate API security solutions by generating malicious requests and simulating attacks on web applications. | 1,578 |
 mandatoryprogrammer/xsshunter | A service designed to test for cross-site scripting (XSS) vulnerabilities in web applications by automatically firing XSS payloads and collecting information about the resulting responses. | 1,501 |
 jobertabma/ground-control | A collection of scripts for debugging security vulnerabilities in web servers | 535 |
 m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
 owasp/securityshepherd | A training platform for web and mobile application security testing and learning | 1,356 |
 1n3/intruderpayloads | A collection of tools and methodologies for identifying vulnerabilities in web applications | 3,698 |
 whwlsfb/log4j2scan | A tool that scans websites for Log4j2 remote code execution vulnerabilities using multiple DNS log platforms and supports various scan types | 776 |
 snapview/tungstenite-rs | A lightweight WebSocket implementation for Rust. | 1,952 |
 hahwul/xspear | Automated testing tool for identifying vulnerabilities in web applications via cross-site scripting (XSS) attacks | 1,215 |
 mindpatch/lorsrf | A tool designed to identify parameters in web applications that can be exploited for SSRF or out-of-band resource load attacks. | 291 |