ChopChop ChopChop is a command-line tool for dynamic application security testing on web applications, initially written by the...
Web Vulnerability Analysis
0l4bs Cross-site scripting labs for web application security enthusiasts List of Chall: ~ Chall 1 | URL...
GadgetProbe Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java...
What is CorsMe? A cors misconfiguration scanner tool based on golang with speed and precision in mind!...
njsscan njsscan is a static application testing (SAST) tool that can find insecure code patterns in your...
SSRFIRE An automated SSRF finder. Just give the domain name and your server and chill! 😉 It...
opulence: Automation platform for open-source intelligence Collectors are responsible for collecting data across many different OSINT sources...
quiver Quiver is an opinionated and curated collection of commands, notes, and scripts I use for bug...
Searpy Search Engine Toolkit Support search engine Shodan Fofa Zoomeye Censys Dnsdb Google Baidu Bing 360so Goo...
JSshell JSshell – a JavaScript reverse shell. This using to exploit XSS remotely, help to find blind...
Nosql injection username and password enumeration script Using this script, we can enumerate Usernames and passwords of...
NoXss NoXss is a cross-site script vulnerability scanner supported reflected xss and dom-based xss. It’s very fast...
hakrawler What is it? hakrawler is a Go web crawler designed for easy, quick discovery of endpoints...
wsltools – Web Scan Lazy Tools wsltools is an elegant and simple Web Scan auxiliary library for...
Klar Integration of Clair and Docker Registry (supports both Clair API v1 and v3) Klar is a...