#网络爬虫#Find web directories without bruteforce
🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.
#面试#Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be as...
#夺旗赛 (CTF) 和网络安全资源#Pwnable|Web Security|Cryptography CTF-style challenges
Encoder to bypass WAF filters using XOR operations.
Discover hidden debugging parameters and uncover web application secrets
🎯 CSV Injection Payloads
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Some good resources for getting started with application security
A cli for cracking, testing vulnerabilities on Json Web Token(JWT)
CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).
This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
A web application for generating custom XSS payloads
▲ Web services for modern and legacy websites, web apps, e-commerce shops, social and corporate portals, and IoT devices. Made for top-notch experience with monitoring, security, web analytics, SEO, a...
a commandline #OSINT tool to find the online presence of a username in popular social media websites like Facebook, Instagram, Twitter, etc.
Additional Resources For Securing The Stack Tutorials
CLI tool for filtering URLs/IPs with automatically-updated Bug Bounty program scope rules.