Find web directories without bruteforce
-
Updated
Oct 29, 2023 - Python
Find web directories without bruteforce
Tool to bypass 403/40X response codes.
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Pwnable|Web Security|Cryptography CTF-style challenges
A scope generation tool for Burp Suite & ZAP
Encoder to bypass WAF filters using XOR operations.
Discover hidden debugging parameters and uncover web application secrets
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
🎯 CSV Injection Payloads
🎯 Directory Payload List
Some good resources for getting started with application security
Script to automate PUT HTTP method exploitation to get shell
A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
A web application for generating custom XSS payloads
▲ Web services for JavaScript, Angular.js, React.js, Vue.js, Meteor.js, Node.js, and other JavaScript-based websites, web apps, single page applications (SPA), and progressive web applications (PWA). Our services: Pre-rendering, Monitoring, Web Analytics, WebSec, and Web-CRON
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Additional Resources For Securing The Stack Tutorials
Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.
Add a description, image, and links to the websec topic page so that developers can more easily learn about it.
To associate your repository with the websec topic, visit your repo's landing page and select "manage topics."