websec

#网络爬虫#Find web directories without bruteforce

🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.

Web Content Discovery Tool

#面试#Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be as...

#夺旗赛 (CTF) 和网络安全资源#Pwnable|Web Security|Cryptography CTF-style challenges

Encoder to bypass WAF filters using XOR operations.

Discover hidden debugging parameters and uncover web application secrets

🎯 CSV Injection Payloads

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

#Awesome#🎯 Directory Payload List

Some good resources for getting started with application security

CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

Script to automate PUT HTTP method exploitation to get shell

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)

A web application for generating custom XSS payloads

▲ SEO Middleware • Web Analytics • Web CRON • WebSec • HTTP & SNMP Monitoring • ostr.io is a unified web-services platform

a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.

在Java安全学习过程中的笔记和代码

Additional Resources For Securing The Stack Tutorials