Join the GitHub Graduation Yearbook and "walk the stage" on June 11.

🆕 The Multi-Tool Web Vulnerability Scanner.

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.

This is a repo for Scripters to contribute helpful scrips for coders and security professionals

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

List DTDs and generate XXE payloads using those local DTDs.

A simple place to learn XSS

Hacker101 CTF Writeup

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

A basic tool to check security headers of a website

The XSS Hunter service - a portable version of XSSHunter.com

these are my web application pentest notes / articles / methods ...etc

IDN homograph attack with more of possibility attacks

Generate unicode evil domains for IDN Homograph Attack and detect them.

intentionally vuln web Application Security in flask or django

Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities

OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts.

all payloads for web pentesting

GraphQL security workshop labs

Join the GitHub Graduation Yearbook and "walk the stage" on June 5.

a collection of Advanced Malwares and APT tools for geek analysts to play with

Firebase Domain Front Code