openrasp by baidu

🔥Open source RASP solution

created at Aug. 10, 2017, 11:09 a.m.

108 +0

2,700 +5

586 +0

phpsploit by nil0x42

Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor

created at May 21, 2014, 7:43 p.m.

103 +0

2,146 +7

434 +1

certificate-transparency by google

Auditing for TLS certificates.

created at May 20, 2014, 5:03 p.m.

103 +0

866 +0

282 +0

CSS-Keylogging by maxchehab

Chrome extension and Express server that exploits keylogging abilities of CSS.

created at Feb. 20, 2018, 6:19 p.m.

97 +0

3,198 +1

431 +0

xssor2 by evilcos

XSS'OR - Hack with JavaScript.

created at June 25, 2017, 6:32 a.m.

95 +0

2,098 +2

378 +0

notes by ChALkeR

Some public notes

created at Oct. 17, 2015, 11:02 p.m.

92 -1

1,261 +0

77 +0

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

created at Oct. 30, 2019, 5:03 a.m.

90 +1

4,378 +18

1,079 +5

HTTPLeaks by cure53

HTTPLeaks - All possible ways, a website can leak HTTP requests

created at April 17, 2015, 2:48 p.m.

90 -1

1,931 +0

194 +0

fuzz.txt by Bo0oM

Potentially dangerous files

created at Jan. 19, 2016, 1:35 p.m.

86 +0

2,794 +2

476 +3

retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

created at Aug. 30, 2013, 9:43 p.m.

86 -1

3,529 +6

412 +0

Astra by flipkart-incubator

Automated Security Testing For REST API's

created at Jan. 10, 2018, 11:56 a.m.

86 +0

2,430 +2

385 -2

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

created at July 6, 2016, 8:33 p.m.

84 -1

3,643 +8

662 +0

domain_analyzer by eldraco

Analyze the security of any domain by finding all the information possible. Made in python.

created at Aug. 8, 2017, 6:52 p.m.

83 +0

1,837 +1

245 +0

ReconDog by UltimateHackers

Reconnaissance Swiss Army Knife

created at June 12, 2017, 6:19 p.m.

82 +0

1,710 +3

335 +0

iaito by hteso

This project has been moved to:

created at March 28, 2017, 5:27 p.m.

82 +0

1,470 +0

131 +0

xray by evilsocket

XRay is a tool for recon, mapping and OSINT gathering from public networks.

created at July 8, 2017, 8:48 p.m.

79 +0

2,143 +0

293 -1

zen-rails-security-checklist by brunofacca

Checklist of security precautions for Ruby on Rails applications.

created at April 10, 2017, 8:36 p.m.

76 +0

1,815 +0

150 +0

snallygaster by hannob

Tool to scan for secret files on HTTP servers

created at April 10, 2018, 12:01 p.m.

75 +0

2,023 +1

231 +0

tinfoleak by vaguileradiaz

The most complete open-source tool for Twitter intelligence analysis

created at Jan. 27, 2018, 7:03 p.m.

72 +0

1,896 +1

273 +1

command-injection-payload-list by payloadbox

🎯 Command Injection Payload List

created at Nov. 3, 2018, 6:35 p.m.

72 +0

2,663 +7

589 +5