cloudgoat by RhinoSecurityLabs

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

created at July 17, 2018, 12:21 a.m.

74 +0

2,974 +3

622 +3

fuzz.txt by Bo0oM

Potentially dangerous files

created at Jan. 19, 2016, 1:35 p.m.

86 +0

2,885 +2

488 +1

H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

created at March 28, 2014, 8:42 a.m.

153 +0

2,857 +3

420 +0

openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

109 +0

2,793 +2

601 -1

Astra by flipkart-incubator

Automated Security Testing For REST API's

created at Jan. 10, 2018, 11:56 a.m.

86 +0

2,512 +6

402 +1

Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

created at March 13, 2015, 3:31 p.m.

154 +0

2,384 +2

972 +0

js-vuln-db by tunz

A collection of JavaScript engine CVEs with PoCs

created at Aug. 6, 2016, 1:02 a.m.

185 +0

2,291 +2

405 +0

phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

created at May 21, 2014, 7:43 p.m.

104 +0

2,221 +8

440 +1

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

80 +0

2,206 +2

299 +0

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

94 +0

2,129 +0

381 +0

GSIL by FeeiCN

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

created at Oct. 11, 2017, 10:14 a.m.

61 +0

2,124 -1

486 +0

GitMiner by UnkL4b

Tool for advanced mining for content on Github

created at Feb. 27, 2016, 12:30 p.m.

108 +0

2,092 +2

426 +0

snallygaster by hannob

Tool to scan for secret files on HTTP servers

created at April 10, 2018, 12:01 p.m.

74 +0

2,076 +2

228 +0

HTTPLeaks by cure53

HTTPLeaks - All possible ways, a website can leak HTTP requests

created at April 17, 2015, 2:48 p.m.

90 +0

1,980 -1

202 +0

tinfoleak by vaguileradiaz

The most complete open-source tool for Twitter intelligence analysis

created at Jan. 27, 2018, 7:03 p.m.

73 +0

1,932 +3

270 +1

reverse-shell by lukechilds

Reverse Shell as a Service

created at Sept. 13, 2017, 11:38 a.m.

31 +0

1,852 +0

234 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,844 +1

240 +0

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,814 +1

150 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

83 +0

1,814 +5

340 +0

TIDoS-Framework by theInfectedDrake

The Offensive Manual Web Application Penetration Testing Framework.

created at June 8, 2018, 7:05 a.m.

124 +0

1,781 +2

392 +1