Web Security
Security of web apps & services.
Contents
- Auditing
- Command Injection
- OSINT - Open-Source Intelligence
- Sub Domain Enumeration
- Code Generating
- Fuzzing
- Scanning
- Penetration Testing
- XSS - Cross-Site Scripting
- SQL Injection
- Template Injection
- XXE
- Cross Site Request Forgery
- Leaking
- Detecting
- Preventing
- Proxy
- Webshell
- Disassembler
- DNS Rebinding
- Others
Introduction
XSS - Cross-Site Scripting
Prototype Pollution
Command Injection
XXE - XML eXternal Entity
Evasions
Tricks
CSRF
Remote Code Execution
SSRF
A $25k bounty for SSRF leading to ROOT Access in all instances by 0xacb.
Written by aesteral.
Written by opnsec.
Written by Alyssa Herrera.
PoCs
Tools
Auditing
Command Injection
OSINT - Open-Source Intelligence
Incredibly fast crawler designed for OSINT by @s0md3v.
FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans, by ElevenPaths.
XRay is a tool for recon, mapping and OSINT gathering from public networks by @evilsocket.
Reconnaissance tool for GitHub organizations by @michenriksen.
Github Sensitive Information Leakage by @FeeiCN.
raven is a LinkedIn information gathering tool that pentesters can use to gather information about an organization's employees via LinkedIn, by @0x09AL.
Reconnaissance Swiss Army Knife by @s0md3v.
The most complete open-source tool for Twitter intelligence analysis by @vaguileradiaz.
High performance offensive security tool for reconnaissance and vulnerability scanning by @evyatarmeged.
Social Media Enumeration & Correlation Tool by Jacob Wilkin (Greenwolf), by @SpiderLabs.
Dockerfiles for various OSINT tools by @espi0n.
Sub Domain Enumeration
Sublist3r is a multi-threaded sub-domain enumeration tool for penetration testers by @aboul3la.
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible by @ChrisTruncer.
A simple and fast sub-domain brute-force tool for pentesters by @lijiejie.
Tool for Domain Flyovers by @michenriksen.
Analyze the security of any domain by finding all the information possible by @eldraco.
Google's Certificate Transparency project fixes several structural flaws in the SSL certificate system by @google.
Enter an Identity (Domain Name, Organization Name, etc.), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by @crtsh.
Domain searcher named GoogleSSLdomainFinder by @We5ter.
Fuzzing
Web application bruteforcer by @xmendez.
Script that inspects multi-byte character sets looking for characters with specific user-defined properties by @hack-all-the-things.
Simple tool to convert the IP to a DWORD IP by @OsandaMalith.
DOM fuzzer by @google.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
Web crawler optimized for searching and analyzing the directory structure of a site by @nekmo.
Potentially dangerous files by @Bo0oM.
Scanning
WPScan is a black box WordPress vulnerability scanner by @wpscanteam.
Free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan by @drego85.
An open-source web application security scanner that uses the "black-box" method, created by @m4ll0k.
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use by @projectdiscovery.
Penetration Testing
A comprehensive web application audit framework to cover up everything from Reconnaissance and OSINT to Vulnerability Analysis by @_tID.
Automated Security Testing For REST APIs by @flipkart-incubator.
A collection of AWS penetration testing junk by @dagrz.
XSS - Cross-Site Scripting
The Browser Exploitation Framework Project by beefproject.
Get a JavaScript shell with XSS by @s0md3v.
XSStrike is a program which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs by @s0md3v.
XSS'OR - Hack with JavaScript by @evilcos.
Template Injection
Cross Site Request Forgery
Leaking
All possible ways a website can leak HTTP requests by @cure53.
Rip web accessible (distributed) version control systems: SVN/GIT/HG... by @kost.
Pillage web accessible GIT, HG and BZR repositories by @evilpacket.
Tool for advanced mining for content on Github by @UnkL4b.
Searches full repo history for secrets and keys by @zricethezav.
Chrome extension and Express server that exploits keylogging abilities of CSS by @maxchehab.
Git manager for pentesters by @allyshka.
Tool to scan for secret files on HTTP servers by @hannob.
Python script that finds endpoints in JavaScript files by @GerbenJavado.
Detecting
Scanner detecting the use of JavaScript libraries with known vulnerabilities by @RetireJS.
Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction by @HynekPetrak.
Scan your code for security misconfiguration, search for passwords and secrets.
bXSS is a simple Blind XSS application adapted from cure53.de/m by @LewisArdern.
An open-source RASP solution actively maintained by Baidu Inc. With its context-aware detection algorithm the project achieves nearly no false positives, and less than 3% performance reduction is observed under heavy server load.
A GitHub App that provides security feedback in Pull Requests.
Preventing
DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG by Cure53.
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist by @leizongmin.
Client-side encryption engine for SQL databases, with strong selective encryption, SQL injections prevention and intrusion detection by @cossacklabs.
Webshell
Family of code golfed PHP shells by @s0md3v.
This is a webshell open source project by @tennc.
Weaponized web shell by @epinna.
Manage your website via terminal by @WangYihang.
Reverse Shell Manager via Terminal by @WangYihang.
Reverse Shell as a Service by @lukechilds.
Full-featured C2 framework which silently persists on a web server via an evil PHP one-liner by @nil0x42.
Disassembler
Plasma is an interactive disassembler for x86/ARM/MIPS by @plasma-disassembler.
Unix-like reverse engineering framework and commandline tools by @radare.
Qt and C++ GUI for radare2 reverse engineering framework by @hteso.
DNS Rebinding
DNS Rebind Toolkit is a frontend JavaScript framework for developing DNS Rebinding exploits against vulnerable hosts and services on a local area network (LAN) by @brannondorsey.
DNS Rebinding Exploitation Framework. Dref does the heavy lifting for DNS rebinding by @mwrlabs.
It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine's IP address and to serve attack payloads to exploit vulnerable software on the target machine by @nccgroup.
A malicious DNS server for executing DNS Rebinding attacks on the fly by @brannondorsey.
Others
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by @GCHQ.
Parse NTLM over HTTP challenge messages by @b17zr.
Minimal code to connect to a CEF debugger by @taviso.
Interactive CTF Exploration Tool by @taviso.
Practices
Application
Miscellaneous
Comprehensive curated list of available Bug Bounty & Disclosure Programs and write-ups by @djadmin.
List of bug bounty write-ups categorized by the nature of the bug by @ngalongc.
Decrypted content of eqgrp-auction-file.tar.xz by @x0rz.
Some public notes by @ChALkeR.
Information Security Reference That Doesn't Suck by @rmusser01.