EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
created at Feb. 26, 2014, 4:23 p.m.
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
created at Sept. 18, 2012, 2:05 p.m.
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
created at Sept. 13, 2014, 12:08 a.m.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
created at April 23, 2018, 6:09 a.m.
Reconnaissance tool for GitHub organizations
created at Jan. 7, 2015, 1:58 p.m.
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
created at Sept. 10, 2015, 5:54 p.m.
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com
created at July 11, 2012, 8:27 p.m.
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
created at Sept. 19, 2014, 2:53 p.m.
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
created at Aug. 24, 2016, 3:12 p.m.
Incredibly fast crawler designed for OSINT.
created at March 30, 2018, 7:38 p.m.
Fast and customizable vulnerability scanner based on simple YAML based DSL.
created at April 3, 2020, 6:47 p.m.