An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with web-security

A curated list of projects in awesome lists tagged with web-security.

https://github.com/mobsf/mobile-security-framework-mobsf

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

android-security api-testing apk cwe devsecops dynamic-analysis ios-security malware-analysis mastg masvs mobile-security mobsf mstg owasp rest runtime-security static-analysis web-security windows-mobile-security

Last synced: 09 Sep 2025

https://github.com/chaitin/safeline

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss

Last synced: 14 May 2025

https://github.com/MobSF/Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

android-security api-testing apk cwe devsecops dynamic-analysis ios-security malware-analysis mastg masvs mobile-security mobsf mstg owasp rest runtime-security static-analysis web-security windows-mobile-security

Last synced: 19 Mar 2025

https://github.com/chaitin/SafeLine

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss

Last synced: 25 Mar 2025

https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 25 Mar 2025

https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss

Last synced: 28 Mar 2025

https://github.com/palahsu/ddos-ripper

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

attack-defense attack-server ddos ddos-attack ddos-attack-tool ddos-attack-tools ddos-attacks ddos-protection ddos-ripper ddos-tool deface-website denial-of-service hacking-tool hacking-tools internet-traffic linux-tools protection security sql-injection web-security

Last synced: 14 May 2025

https://github.com/palahsu/DDoS-Ripper

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

attack-defense attack-server ddos ddos-attack ddos-attack-tool ddos-attack-tools ddos-attacks ddos-protection ddos-ripper ddos-tool deface-website denial-of-service hacking-tool hacking-tools internet-traffic linux-tools protection security sql-injection web-security

Last synced: 06 Apr 2025

https://github.com/0xsobky/hackvault

A container repository for my public web hacks!

exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss

Last synced: 08 Apr 2025

https://github.com/0xSobky/HackVault

A container repository for my public web hacks!

exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss

Last synced: 13 Mar 2025

https://github.com/wangyihang/githacker

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

git githack web-security

Last synced: 14 May 2025

https://github.com/WangYihang/GitHacker

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

git githack web-security

Last synced: 28 Mar 2025

https://github.com/lunasec-io/lunasec

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

compliance continuous-delivery cve-scanning cybersecurity dependency-analysis devsecops gdpr log4shell pci-dss sbom sbom-generator scanning scanning-tool security security-tools soc2 software-composition-analysis tokenization web-security zero-trust

Last synced: 15 May 2025

https://github.com/Ge0rg3/requests-ip-rotator

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

apigateway aws bugbounty bypass hacktoberfest ip networking security security-tools web-security

Last synced: 13 Apr 2025

https://github.com/ge0rg3/requests-ip-rotator

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

apigateway aws bugbounty bypass hacktoberfest ip networking security security-tools web-security

Last synced: 13 Apr 2025

https://github.com/4ra1n/super-xray

GUI launcher for the XRAY web vulnerability scanner

vulnerability-scanners web-security

Last synced: 11 Jul 2025

https://github.com/blst-security/cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

api api-security best-practices blst business-logic cli cyber cybersecurity firecracker http open-source openapi openapi3 security security-tools web-sec-scanner web-security websecurity

Last synced: 10 Apr 2025

https://github.com/chenjj/corscanner

🎯 Fast CORS misconfiguration vulnerabilities scanner

cors cors-misconfigurations cors-policy cors-scanner python python3 vulnerability-scanners web-security

Last synced: 15 May 2025

https://github.com/chenjj/CORScanner

🎯 Fast CORS misconfiguration vulnerabilities scanner

cors cors-misconfigurations cors-policy cors-scanner python python3 vulnerability-scanners web-security

Last synced: 16 Apr 2025

https://github.com/typeerror/secure

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security

Last synced: 14 May 2025

https://github.com/TypeError/secure

Lightweight modern Python library to add security headers (CSP, HSTS, etc.) to Django, Flask, FastAPI, and more. Secure defaults or fully customizable.

content-security-policy django fastapi flask headers headers-security http-headers python python-security referrer-policy secure-headers security security-headers strict-transport-security web-security

Last synced: 26 Mar 2025

https://github.com/pushsecurity/saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

offensive-security saas web-security

Last synced: 14 Apr 2025

https://github.com/incredibleindishell/ssrf_vulnerable_lab

This lab contains sample code that is vulnerable to Server-Side Request Forgery attacks

attack exploitation hacking lab server-side-request-forgery ssrf web-security

Last synced: 02 Apr 2025

https://github.com/4ra1n/mysql-fake-server

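MySQL Fake Server (pure Java implementation, available in GUI and command-line versions, with a Dockerfile provided and support for several common JDBC exploitation techniques)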

fake-server jdbc mysql vulnerability web-security

Last synced: 04 Apr 2025

https://github.com/Lookyloo/lookyloo

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

capture dfir information-security lookyloo privacy scraping web-security

Last synced: 02 Apr 2025

https://github.com/incredibleindishell/SSRF_Vulnerable_Lab

This lab contains sample code that is vulnerable to Server-Side Request Forgery attacks

attack exploitation hacking lab server-side-request-forgery ssrf web-security

Last synced: 22 Apr 2025

https://github.com/tempesta-tech/tempesta

All-in-one solution for high performance web content delivery and advanced protection against DDoS and web attacks

bots database ddos-protection high-performance http-accelerator http2 linux-kernel load-balancer security tls web-application-firewall web-performance web-security

Last synced: 15 May 2025

https://github.com/turbo/openftp4

A list of all FTP servers in IPv4 that allow anonymous logins.

ftp web-security

Last synced: 04 Mar 2025

https://github.com/hueristiq/xurlfind3r

A command-line utility designed to discover URLs for a given domain in a simple, efficient way. It works by gathering information from a variety of passive sources, meaning it doesn't interact directly with the target but instead gathers data that is already publicly available.

bug-bounty bug-bounty-tools contentdiscovery ethical-hacking ethical-hacking-tools go golang osint osint-tools penetration-testing penetration-testing-tools reconnaissance red-teaming red-teaming-tools web-security

Last synced: 24 Oct 2025

https://github.com/madneal/articles-translator

:books: Translate the distinct technical blogs. Please star or watch. Welcome to join me.

article codeql css javascript memory-management npm parcel pwa react security security-tools vue web web-security webpack

Last synced: 15 May 2025

https://github.com/Tmpertor/Raven-Storm

Raven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.

attacks botnet ddos ddos-attack-tools ddos-attacks ddos-script ddos-tool denial-of-service dos mitm penetration-tests pentesting protection python security security-tools server stress-testing termux web-security

Last synced: 30 Apr 2025

https://github.com/harmoc/ctftools

Personal CTF Toolkit

ctf-tools hacking hacking-tool web-security

Last synced: 02 Apr 2025

https://github.com/trailofbits/twa

A tiny web auditor with strong opinions.

auditing hacktoberfest security web-security

Last synced: 15 May 2025

https://github.com/Harmoc/CTFTools

Personal CTF Toolkit

ctf-tools hacking hacking-tool web-security

Last synced: 13 Mar 2025

https://github.com/dmdhrumilmistry/pyhtools

A Python Hacking Library consisting of network scanner, arp spoofer and detector, dns spoofer, code injector, packet sniffer, network jammer, email sender, downloader, wireless password harvester credential harvester, keylogger, download&execute, ransomware, data harvestors, etc.

apihacking dmdhrumilmistry hacking hacking-tool hacking-tools hackingwithpython malware-development penetration-testing python python3 ransomware remoteaccess telegram-hack web-hac web-security

Last synced: 12 Apr 2025

https://github.com/Cryin/JavaID

java source code static code analysis and danger function identify prog

java-code-audit web-security

Last synced: 13 Mar 2025

https://github.com/cryin/javaid

java source code static code analysis and danger function identify prog

java-code-audit web-security

Last synced: 05 Apr 2025

https://github.com/splitline/How-to-Hack-Websites

Open-source Traditional Chinese web hacking learning resources - Software Security 2021 Fall

ctf security web-security

Last synced: 02 Apr 2025

https://github.com/0x4d31/burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

automation burp burpsuite devops python security security-automation security-scanner security-tools web-security

Last synced: 05 Dec 2025

https://github.com/0x4D31/burpa

Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Application Security Testing (DAST).

automation burp burpsuite devops python security security-automation security-scanner security-tools web-security

Last synced: 11 Apr 2025

https://github.com/burpheart/koko-moni

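An attack surface management platform built on cyberspace search engines. It crawls asset information on a schedule and promptly discovers newly added assets. The project aggregates the Fofa, Hunter, Quake, Zoomeye and Threatbook data sources, and deduplicates and cleans the retrieved data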

blueteam easm fofa hunter infosec pentest-tool quake redteam security security-tools threatbook web-security zoomeye

Last synced: 11 Jul 2025

https://github.com/jasonlovesdoggo/caddy-defender

Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites

ai ai-blocker blocker blockers caddy caddy-plugin caddyserver chatgpt filter ip-blacklist ip-filtering security waf web-security

Last synced: 30 Dec 2025

https://github.com/mazen160/jwt-pwn

Security Testing Scripts for JWT

jwt jwt-cracker jwt-pwn web-security

Last synced: 09 Apr 2025

https://github.com/Rizer0/Log-killer

Clear all your logs in [linux/windows] servers 🛡️

hacking logs security server-management web-security

Last synced: 07 Apr 2025

https://github.com/rizer0/log-killer

Clear all your logs in [linux/windows] servers 🛡️

hacking logs security server-management web-security

Last synced: 02 Apr 2025

https://github.com/Lissy93/domain-locker

🌐 The all-in-one tool, for keeping track of your domain name portfolio. Got domain names? Get Domain Locker!

alternative-to automation dashboard docker domain-investment domain-management monitoring saas saas-application self-hosted status-page web-security

Last synced: 13 Aug 2025

https://github.com/fabriziosalmi/caddy-waf

Caddy WAF (OWASP rule-based filtering, IP and DNS filtering, rate limiting, GeoIP)

caddy caddy-plugin caddyserver security-tools waf web-application-firewall web-security

Last synced: 20 Sep 2025

https://github.com/wangyihang/reverse-shell-manager

:hammer: A multiple reverse shell session/client manager via terminal

attack-defense command-and-control ctf exploit pentesting pty python reverse-shell socket web-security

Last synced: 09 Apr 2025

https://github.com/WangYihang/Reverse-Shell-Manager

:hammer: A multiple reverse shell session/client manager via terminal

attack-defense command-and-control ctf exploit pentesting pty python reverse-shell socket web-security

Last synced: 11 Jul 2025

https://github.com/feross/cs253.stanford.edu

CS 253 Web Security course at Stanford University

javascript security stanford web web-security

Last synced: 13 Sep 2025

https://github.com/voorhoede/lighthouse-security

Runs the default Google Lighthouse tests with additional security tests

audit cli developer-tools lighthouse reporting security web-security

Last synced: 06 Apr 2025

https://github.com/yaph/domxssscanner

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

dom domxss online-tool scanner web-security xss-vulnerability

Last synced: 02 Apr 2025

https://github.com/telekom-security/explo

Human and machine readable web vulnerability testing format

automation pentesting security web-security

Last synced: 06 Apr 2025

https://github.com/secaegis/secautoban

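Fully automated malicious-IP banning platform. Supports collecting alerts from the following security devices: Chaitin WAF Community Edition (SafeLine), ThreatBook HFish honeypot, QiAnXin Tianyan, QiAnXin Jiaotu, NSFOCUS WAF, Colasoft network security analysis and audit system. Supports coordinated blocking on the following devices: RouterOS, OPNsense, CheckPoint, out-of-path blocking (no device cooperation required), QiAnXin firewall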

docker firewall hids sec security security-tools waf web-security

Last synced: 16 May 2025

https://github.com/sec-report/secautoban

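Fully automated malicious-IP banning platform. Supports collecting alerts from the following security devices: Chaitin WAF Community Edition (SafeLine), ThreatBook HFish honeypot, QiAnXin Tianyan, QiAnXin Jiaotu, NSFOCUS WAF, Colasoft network security analysis and audit system. Supports coordinated blocking on the following devices: RouterOS, OPNsense, CheckPoint, out-of-path blocking (no device cooperation required), QiAnXin firewall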

docker firewall hids sec security security-tools waf web-security

Last synced: 12 Apr 2025

https://github.com/SecAegis/SecReport

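A ChatGPT-powered, multi-user online collaborative platform for writing information security reports. Currently supported report types: penetration test reports and app privacy compliance reports.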

ai chatgpt collaboration collaborations docker openai pentest privacy rce report retest sec security security-tools sql-injection vulnerabilities web-security xss

Last synced: 07 Sep 2025

https://github.com/secaegis/secreport

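A ChatGPT-powered, multi-user online collaborative platform for writing information security reports. Currently supported report types: penetration test reports and app privacy compliance reports.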

ai chatgpt collaboration collaborations docker openai pentest privacy rce report retest sec security security-tools sql-injection vulnerabilities web-security xss

Last synced: 11 Jun 2025

https://github.com/bt3gl/Pentesting_Toolkit

👾 a decade of resources for security researchers: pentesting, CTF, wargames, cryptography, forensics, reverse engineering, IoCs, botnets, cloud hacking, linux hacking, steganography, vulnerabilities, etc.

botnets cryptography ctf forensics gray-hacker-resources hacking infosec iocs linux malwares network penetration-testing pentesting post-exploitation reverse-engineering rubber-ducky steganography vulnerabilities wargame web-security

Last synced: 06 Mar 2025

https://github.com/sec-report/secreport

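A ChatGPT-powered, multi-user online collaborative platform for writing information security reports. Currently supported report types: penetration test reports and app privacy compliance reports.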

ai chatgpt collaboration collaborations docker openai pentest privacy rce report retest sec security security-tools sql-injection vulnerabilities web-security xss

Last synced: 05 Apr 2025

https://github.com/AvalZ/WAF-A-MoLE

A guided mutation-based fuzzer for ML-based Web Application Firewalls

adversarial-machine-learning machine-learning web web-application-firewall web-security

Last synced: 12 Jul 2025

https://github.com/SecAegis/SecAutoBan

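Fully automated malicious-IP banning platform. Supports collecting alerts from the following security devices: Chaitin WAF Community Edition (SafeLine), ThreatBook HFish honeypot, QiAnXin Tianyan, QiAnXin Jiaotu, NSFOCUS WAF, Colasoft network security analysis and audit system. Supports coordinated blocking on the following devices: RouterOS, OPNsense, CheckPoint, QiAnXin firewall, out-of-path blocking (no device cooperation required)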

docker firewall hids sec security security-tools waf web-security

Last synced: 07 Sep 2025

https://github.com/codedamn/roadmaps

Curriculum for full-stack learning path on codedamn. Become a full-stack web developer with relevant technologies of 2022

css graphql html javascript mongodb nodejs react rest web-security

Last synced: 15 Apr 2025

https://github.com/turbo/c4

Open IP cameras in IPv4

camera web-security

Last synced: 04 Mar 2025

https://github.com/aapanel/aawaf

BaoTa Cloud WAF, BaoTa's free private-cloud web application firewall, built on docker/nginx/lua

acl captcha cc-attack ddos ddos-attacks ddos-defense ddos-protection docker firewall http-flood modsecurity nginx security security-tools sqli-injection waf web-application-firewall web-security xss

Last synced: 07 Apr 2025

https://github.com/KajanM/DirBuster

DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.

bruteforce forced-browse fuzz owasp web-security

Last synced: 29 Apr 2025

https://github.com/0xAwali/Blind-SSRF

Nuclei Templates to reproduce Cracking the lens's Research

blindssrf bugbounty nuclei nuclei-templates ssrf web-security

Last synced: 11 Jul 2025

https://github.com/4ra1n/poc-runner

Small & Fast Vulnerability Scanner Engine based on XRAY YAML Rule | Ultra-lightweight, fast vulnerability scanning engine based on XRAY YAML rules | Executable size is only 2 MB

poc security vulnerability vulnerability-detection vulnerability-scanner web-security web-vulnerability-scanner

Last synced: 21 Jul 2025

https://github.com/hueristiq/xcrawl3r

A command-line interface (CLI) based utility to recursively crawl webpages. It is designed to systematically browse webpages' URLs and follow links to discover linked webpages' URLs.

bug-bounty bug-bounty-tools contentdiscovery crawler ethical-hacking ethical-hacking-tools go golang penetration-testing penetration-testing-tools reconnaissance red-teaming red-teaming-tools web-security

Last synced: 06 Apr 2025

https://github.com/jub0bs/cors

perhaps the best CORS middleware library for Go

cors go golang-library http middleware server web-security

Last synced: 04 Aug 2025

https://github.com/aapanel/bt-waf

BaoTa Cloud WAF, BaoTa's free private-cloud web application firewall, built on docker/nginx/lua

acl captcha cc-attack ddos ddos-attacks ddos-defense ddos-protection docker firewall http-flood modsecurity nginx security security-tools sqli-injection waf web-application-firewall web-security xss

Last synced: 31 Mar 2025

https://github.com/jub0bs/fcors

a principled CORS middleware library for Go... but consider using jub0bs/cors (its successor) instead

cors go golang http middleware server web-security

Last synced: 17 Aug 2025