Awesome Open Source

Programming Languages

Search results for penetration testing application security

application-security x

penetration-testing x

21 search results found

Dirsearch ⭐ 11,165

Web path scanner

Juice Shop ⭐ 9,406

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Awesome Web Hacking ⭐ 5,260

A list of web application security

Whatweb ⭐ 5,096

Next generation web scanner

Faraday ⭐ 4,422

Open Source Vulnerability Management Platform

Security Study Plan ⭐ 3,949

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

Payloads ⭐ 3,289

Git All the Payloads! A collection of web attack payloads.

Metlo ⭐ 1,537

Metlo is an open-source API security platform.

Nope Proxy ⭐ 1,503

TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.

Mutillidae ⭐ 1,113

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

Androl4b ⭐ 1,050

A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

Learn365 ⭐ 1,006

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

Breaking And Pwning Apps And Servers Aws Azure Training ⭐ 885

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Security ⭐ 830

Some of my security stuff and vulnerabilities. Nothing advanced. More to come.

Leaky Paths ⭐ 746

A collection of special paths linked to common internal paths, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Damn Vulnerable Bank ⭐ 600

Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

Jackhammer ⭐ 599

Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.

Application Security ⭐ 519

Resources for Application Security including Web, API, Android, iOS and Thick Client

Practicalcybersecurityresources ⭐ 471

This repository contains a curated list of resources I suggest on LinkedIn and Twitter.📝🌝

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

Juice Shop Ctf ⭐ 391

Tool to export Juice Shop challenges and hints in data format compatible with CTFd, RootTheBox or FBCTF

Agartha ⭐ 292

a burp extension creates dynamic payloads to reveal injection flaws(LFI, RCE, SQLi), generates user access tables to spot authentication/authorization issues, and copys Http requests as JavaScript code.

Learn365 ⭐ 207

This repository is about @AnubhavSingh_'s 365 days of Learning Tweets collection.

Awesome Ios Security ⭐ 201

A curated list of awesome iOS application security resources.

Crimson ⭐ 194

Web Application Security Testing Tools

Bulwark ⭐ 163

An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.

Pycript ⭐ 153

Burp Suite extension for bypassing client-side encryption using custom logic for pentesting and bug bounty

An open source Android application that is intentionally vulnerable so as to act as a learning platform for Android application security beginners.

Faction ⭐ 133

Pen Test Report Generation and Assessment Collaboration

Backup Finder ⭐ 129

A burp suite extension that reviews backup, old, temporary and unreferenced files on web server for sensitive information (OWASP WSTG-CONF-04, OTG-CONFIG-004)

Vulnplanet ⭐ 123

Vulnerable code snippets with fixes for Web2, Web3, API, iOS, Android and Infrastructure-as-Code (IaC)

Vulnerable Flask App ⭐ 121

Erlik 2 - Vulnerable-Flask-App

Admin Panel_finder ⭐ 110

A burp suite extension that enumerates infrastructure and application admin interfaces (OTG-CONFIG-005)

Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.

S8cn8tes ⭐ 91

Cyber Security Notes, Methodology, Resources and Tips

App Sec Wiki ⭐ 88

Files for appsecwiki.com

Vulnerable Client-Server Application (VuCSA) is made for learning how to perform penetration tests of non-http thick clients. It is written in Java (with JavaFX graphical user interface) and contains multiple challenges including SQL injection, RCE, XML vulnerabilities and more.

Cybersecurityroadmapsuggestions ⭐ 77

This repository contains a list of roadmaps I created with my suggestions on LinkedIn and Twitter.🤞🏻😌

Mssqli Duet ⭐ 57

SQL injection script for MSSQL that extracts domain users from an Active Directory environment based on RID bruteforcing

Sqli Postgres Rce Privesc Hacking Playground ⭐ 52

Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Pentest Tools ⭐ 48

Penetration Testing Tools Developed by AppSec Consulting.

Aquatone ⭐ 48

A Tool for Domain Flyovers

A modular bug hunting and web application pentesting framework written in Go

Pentestingeverything ⭐ 38

Web | Mobile | API | Thick Client | Source Code Review | Wireless | Network Pentesting etc...

Ssi_extra_materials ⭐ 38

In my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them

Obsidiansailboat ⭐ 35

Nmap and NSE command line wrapper in the style of Metasploit

Backbomb ⭐ 27

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment

Vulnerableapp4apisecurity ⭐ 26

This repository was developed using .NET 7.0 API technology based on findings listed in the OWASP 2019 API Security Top 10.

Defcon30 ⭐ 26

DEFCON30 Talk Material, References and Extra Bits

Dotdotfarm ⭐ 20

Fast Path Traversal exploitation tool

Webshells ⭐ 20

webshells written with malice

Vulnerable Code Snippets ⭐ 18

Vulnerable code snippets repository showcasing different vulnerabilities to practice code analysis skills.

Security Internships ⭐ 18

A manually curated list of all security internships available for summer 2017.

Payloadsall ⭐ 17

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Sectester Js Demo ⭐ 16

This is a demo project for the SecTester JS SDK framework, with some installation and usage examples.

Learn Hacking 365 Days ⭐ 15

This repository is about sharing knowledge of Hacking to Beginners and is dedicated to @i_amsphinx 365 days of Learning and the Tweets collection.

urlyzer is a URL parsing analysis tool.

Application security made easy

Awesome Security Vul Llm ⭐ 11

本项目通过大模型联动爬虫，检索Github上所有存有有价值漏洞信息与漏洞POC或规则信息的项目，并自

Cyberspace ⭐ 10

View https://linktr.ee/martian1337 for the Gitbook!!

Burp Suite Gwt Scan ⭐ 10

Burp Suite plugin identifies insertion points for GWT (Google Web Toolkit) requests

Appsec Notes ⭐ 9

My Application Security Notes - web, mobile, thick client, API, and more.

Owasp Wstg Fa ⭐ 7

OWASP Web Security Testing Guide (fa-IR)

Complete Automated pentest framework for Servers and Web Application Security

Pentesting For Devs ⭐ 7

Resources for topics mentioned in the "Pentesting for Developers" training

Mobile Pentest Toolkit ⭐ 7

Ssti Flask Hacking Playground ⭐ 7

App with Server Side Template Injection (SSTI) vulnerability - in Flask. For web penetration testing / ethical hacking. Possible RCE :)

Uni Appsecurity Notes ⭐ 6

Notes for the Anwendungssicherheit (app security) course at HdM Stuttgart.

A collection of AppSec case studies on business logic flaws and insecure design scenarios.

Xss_vulnerability_challenges ⭐ 5

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

BSides, OWASP, DEFCON, RSAC, SANS Talk Material, References and Extra Bits

A demo showing how to harvest credentials from Zapier

The idea is to create a game to teach users about security and penetration testing. I started thinking about how being a hardcore gamer turned me into a hacker. For example, let’s take a look at a game called MegaMan; once you encountered a boss, you had to “fuzz” bosses with different weapons to figure out what the boss was vulnerable to. At first, you approach the boss passively to see what the boss can do. Once you understand how the boss interacts with your character, you start firing differ

Faraday_burp ⭐ 5

Burp Extension for collaboration in Faraday

Pentest_notes ⭐ 5

Related Searches

Python Penetration Testing (1,380)

Security Penetration Testing (767)

Scanner Penetration Testing (373)

1-21 of 21 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2024 Awesome Open Source. All rights reserved.