#网络爬虫#Find web directories without bruteforce
翻译 - 查找没有bruteforce的Web目录
Tool to bypass 403/40X response codes.
#面试#Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be as...
#夺旗赛 (CTF) 和网络安全资源#Pwnable|Web Security|Cryptography CTF-style challenges
Encoder to bypass WAF filters using XOR operations.
Discover hidden debugging parameters and uncover web application secrets
🎯 CSV Injection Payloads
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Some good resources for getting started with application security
A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
A web application for generating custom XSS payloads
▲ Web services for modern and legacy websites, web apps, e-commerce shops, social and corporate portals, and IoT devices. Made for top-notch experience with monitoring, security, web analytics, SEO, a...
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Additional Resources For Securing The Stack Tutorials
Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.