web-security | Topic | Ecosyste.ms: Repos

Topic: "web-security"

PascalCTF/PascalCTF-Beginners-2025 📦

This repository contains all the sourcecodes and writeups of the 2025 edition of the PascalCTF.

Language: CSS - Size: 9.13 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 8 - Forks: 0

i-m-down-QQ/writeups

CTF Writeups Backup

Size: 1.25 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 8 - Forks: 0

sametsahinnet/collectvars

collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.

Language: JavaScript - Size: 7.52 MB - Last synced at: 9 months ago - Pushed at: 9 months ago - Stars: 8 - Forks: 6

EdoardoVignati/ResponseThief

Multi thread check for HTTP status codes of a domain list

Language: Python - Size: 96.7 KB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 8 - Forks: 1

Divinemonk/ctfdb

{ CTF Database }= (A collection of of websites and resources you will ever need for offline/online CTF competitions)

Size: 61.5 KB - Last synced at: 2 months ago - Pushed at: almost 2 years ago - Stars: 8 - Forks: 0

DEMON1A/WEngine

WEngine - Web framework allows you to build your own web-based applications

Language: Python - Size: 109 KB - Last synced at: 2 months ago - Pushed at: over 2 years ago - Stars: 8 - Forks: 1

morpheuslord/Brute-Hacking-Framework

complete windows hacker's kit with all required configurations and a completely open-source toolkit

Language: Batchfile - Size: 23.4 KB - Last synced at: about 2 months ago - Pushed at: over 4 years ago - Stars: 8 - Forks: 5

eliranmaman/ELRO-Security-Project

ELRO-Security is an advance & free WAF (Web Application Firewall), It is using to defend servers and especially websites around the internet. It is very easy to install and allow websites owner to add their own website via a web application interface which makes it accessible for almost everyone regardless of the level of codding.

Language: Python - Size: 7.67 MB - Last synced at: about 1 month ago - Pushed at: over 4 years ago - Stars: 8 - Forks: 2

gayanukabulegoda/SpringJWT

SpringJWT is a simple project designed to help users understand JWT implementation with Spring Security, including the use of bearer tokens for secure authentication.

Language: Java - Size: 24.4 KB - Last synced at: about 2 months ago - Pushed at: 8 months ago - Stars: 7 - Forks: 1

aashishsec/httpAlive

HttpAlive is a web probing tool designed for discovering alive subdomains and URLs, and it offers options for updating the tool, specifying input/output files, and adjusting concurrency and threading levels.

Language: Python - Size: 109 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 7 - Forks: 1

mkassm/portswigger-labs

This is my space for practicing portswigger labs and web vulnerabilities

Size: 54.7 MB - Last synced at: 6 days ago - Pushed at: almost 2 years ago - Stars: 7 - Forks: 0

khalidelboray/zap-api-raku

A Raku module for the OWASP ZAP API.

Language: Raku - Size: 104 KB - Last synced at: 9 days ago - Pushed at: almost 5 years ago - Stars: 7 - Forks: 1

berndhopp/vaadin-security

ILAY - authorization for Vaadin

Language: Java - Size: 334 KB - Last synced at: about 2 years ago - Pushed at: over 5 years ago - Stars: 7 - Forks: 3

robertpeteuil/wordfence-lockout-msgs 📦

Wordfence Custom "Lockout" and "Blocked" Messages that Maximize Security by minimizing information provided to attackers

Language: PHP - Size: 11.7 KB - Last synced at: about 2 years ago - Pushed at: almost 7 years ago - Stars: 7 - Forks: 0

soos-io/soos-dast

SOOS DAST Scanning - Register for a Free Trial at https://app.soos.io/register

Language: Python - Size: 464 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 6 - Forks: 2

sebastian93921/oott

Tools suits for pentesters and for code reviewing

Language: Go - Size: 1.01 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 6 - Forks: 2

geniuszly/GenSPScanner

is a simple and efficient port scanner that quickly identifies open ports on a target IP or domain

Language: Python - Size: 6.84 KB - Last synced at: about 2 months ago - Pushed at: 10 months ago - Stars: 6 - Forks: 0

geniuszly/GenJSDosser

This Node.js tools is designed to perform DDoS attacks, and it also bypasses various JavaScript-based security mechanisms such as Cloudflare, Blazing Fast, Sucuri, StackPath, and others.

Language: JavaScript - Size: 608 KB - Last synced at: 25 days ago - Pushed at: 10 months ago - Stars: 6 - Forks: 0

OSTEsayed/OSTE-Vulnerable-Web-Application

Vulnerable Web application made with PHP/SQL designed to help new web testers gain some experience and test DAST tools for identifying web vulnerabilities. Containing some of the most well-known vulnerabilities such as SQL, cross-site scripting (XSS), OS command injections, our intention to expand more vulnerabilities for learning purposes.

Language: PHP - Size: 136 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 6 - Forks: 1

purpleteam-labs/purpleteam-orchestrator

Orchestrator component of OWASP PurpleTeam

Language: JavaScript - Size: 1.02 MB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 6

abdurahman-ctis/Hackathor-ClouDek

Web Vulnerabilities Incidents Monitoring Service using Machine Learning. Awarded 2nd place at Hackathor.

Language: Python - Size: 36.4 MB - Last synced at: over 1 year ago - Pushed at: over 2 years ago - Stars: 6 - Forks: 3

purpleteam-labs/purpleteam-iac-sut

Infrastructure as Code for SUTs

Language: HCL - Size: 158 KB - Last synced at: about 1 year ago - Pushed at: almost 3 years ago - Stars: 6 - Forks: 2

jallen89/mnemosyne

Mnemosyne: A Postmortem Watering Hole Investigation System

Language: Python - Size: 39.1 KB - Last synced at: over 2 years ago - Pushed at: about 4 years ago - Stars: 6 - Forks: 1

marzekan/Anomaly_based_IDS

A proof-of-concept for an Anomaly-based Intrusion Detection System based on a neural network.

Language: Jupyter Notebook - Size: 968 KB - Last synced at: about 2 years ago - Pushed at: almost 5 years ago - Stars: 6 - Forks: 6

bi-zone/highload-2019

Задачи для HighLoad++ 2019 от BI.ZONE

Language: Go - Size: 13.1 MB - Last synced at: about 1 year ago - Pushed at: over 5 years ago - Stars: 6 - Forks: 5

Kode-n-Rolla/pentesting_time

Offensive security cheat sheet library

Language: Python - Size: 897 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 5 - Forks: 1

dorkengine/dorkengine.github.io

Introducing "Dork Engine" – the ultimate bug bounty tool! Open multiple Google Dorks with a click, making vulnerability discovery and sensitive info hunting faster and easier. Boost your bug bounty game!

Language: HTML - Size: 64.5 KB - Last synced at: 7 months ago - Pushed at: 8 months ago - Stars: 5 - Forks: 3

geniuszly/GenProxyJSChecker

is a Node.js tool designed to validate the functionality of various types of proxy servers, including HTTP, HTTPS, SOCKS4, and SOCKS5. It reads a list of proxies from a file, checks each proxy's connectivity using the specified protocol, and logs the results.

Language: JavaScript - Size: 153 KB - Last synced at: 25 days ago - Pushed at: 10 months ago - Stars: 5 - Forks: 1

Alok-2002/Encryption-And-Decryption-Programs

This repository contains a collection of ciphers and encryption applications implemented in Python. The ciphers include classic ciphers like Caesar Cipher, Vigenere Cipher, Playfair Cipher, etc. The encryption applications include tools for encryption and decryption of messages, password generators, and more.

Language: Python - Size: 9.77 KB - Last synced at: almost 2 years ago - Pushed at: almost 2 years ago - Stars: 5 - Forks: 0

whoismh11/owasp-wstg-fa

OWASP Web Security Testing Guide (fa-IR)

Size: 3.33 MB - Last synced at: about 2 years ago - Pushed at: about 2 years ago - Stars: 5 - Forks: 1

thangchung/Mime-Detector Fork of Muraad/Mime-Detective

Mime type for files.

Language: C# - Size: 84 KB - Last synced at: 7 months ago - Pushed at: over 5 years ago - Stars: 5 - Forks: 2

ChanMenglin/WebSecurity

Web-Security(Web 安全)

Size: 2.59 MB - Last synced at: about 2 months ago - Pushed at: over 5 years ago - Stars: 5 - Forks: 0

theKadeshi/theKadeshi.py

Antimalware software

Language: Python - Size: 2.66 MB - Last synced at: about 1 year ago - Pushed at: almost 8 years ago - Stars: 5 - Forks: 5

cybersecplayground/bugbounty-Tips-and-Tricks

A curated collection of bug bounty tips, tricks, payloads, and bypass techniques

Language: Shell - Size: 184 KB - Last synced at: about 19 hours ago - Pushed at: 1 day ago - Stars: 4 - Forks: 0

un-ts/domiso

The smallest and fastest DOM sanitizer based on browser native DOMParser

Language: TypeScript - Size: 379 KB - Last synced at: 9 days ago - Pushed at: 13 days ago - Stars: 4 - Forks: 1

Pratham-verma/Web_Application_Firewall

This project presents a powerful Web Application Firewall (WAF) designed to protects web applications from malicious activities. By leveraging machine learning algorithms, the WAF efficiently filters and detects potentially harmful requests before they reach the website, ensuring robust security.

Language: Jupyter Notebook - Size: 16.7 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 4 - Forks: 0

codecop/ticketmagpie Fork of dhatanian/ticketmagpie

Demo of a webapp with flawed security, for training purposes.

Language: Java - Size: 4.53 MB - Last synced at: 8 days ago - Pushed at: 3 months ago - Stars: 4 - Forks: 0

nijithneo/VulnScanX

The Security Testing Tool is a command-line app for web app security. It checks XSS, SQLi, and RCE vulnerabilities. Easy to use, customizable payloads, and detailed results empower developers and security pros to enhance web app security ethically.

Language: Python - Size: 125 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 4 - Forks: 3

purpleteam-labs/purpleteam-server-scanner

Server scanning component of OWASP PurpleTeam

Language: JavaScript - Size: 707 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 4 - Forks: 2

purpleteam-labs/purpleteam-logger

Logging component of OWASP PurpleTeam

Language: JavaScript - Size: 427 KB - Last synced at: 10 days ago - Pushed at: over 2 years ago - Stars: 4 - Forks: 3

purpleteam-labs/purpleteam-s2-containers

Stage Two containers of OWASP PurpleTeam

Language: Shell - Size: 43.9 KB - Last synced at: about 2 years ago - Pushed at: over 2 years ago - Stars: 4 - Forks: 4

anshumanpattnaik/hackbotone-website

HackbotOne | Exploring Application Security & Software Development

Language: CSS - Size: 65.8 MB - Last synced at: about 1 month ago - Pushed at: over 2 years ago - Stars: 4 - Forks: 2

tweedge/websights

Well-labeled files & regexes to search for when performing reconnaissance against websites.

Language: Python - Size: 12.7 KB - Last synced at: 11 days ago - Pushed at: about 3 years ago - Stars: 4 - Forks: 0

danieldanielecki/JavaScript-Security-Engineering

JavaScript Security Engineering (Helicopter View) workshop, crafted for 3 hours with a bunch of demos

Language: TypeScript - Size: 19 MB - Last synced at: 25 days ago - Pushed at: over 3 years ago - Stars: 4 - Forks: 1

Ovi3/webanalyzer

Web指纹识别工具

Language: Python - Size: 41 KB - Last synced at: almost 2 years ago - Pushed at: over 4 years ago - Stars: 4 - Forks: 1

JavierOlmedo/OASS

📄 OWASP Automatic Scan Script

Language: Python - Size: 293 KB - Last synced at: about 2 months ago - Pushed at: almost 6 years ago - Stars: 4 - Forks: 2

multiparty/secure-code-delivery-extension

Chrome extension for federated secure web application code delivery.

Language: JavaScript - Size: 49.8 KB - Last synced at: about 1 year ago - Pushed at: over 7 years ago - Stars: 4 - Forks: 0

rhamenator/ai-scraping-defense

A containerized AI Scraping Defense Stack using Nginx+Lua for edge filtering and Python backend services (FastAPI/Flask) to detect, tarpit, and block malicious bots. Features Redis blocklisting, heuristic/ML analysis, PostgreSQL tarpit data, and alerting. Deployable via Docker/Kubernetes.

Language: Python - Size: 534 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 3 - Forks: 1

marthijn/Sidio.Web.Security

Helper functions and middleware to secure ASP.NET Core applications

Language: C# - Size: 1.24 MB - Last synced at: 12 days ago - Pushed at: 13 days ago - Stars: 3 - Forks: 0

kevinThulnith/Restaurant-Website

Full Stack Restaurant Website (php, SQL, JavaScript, css, html, Composer)

Language: CSS - Size: 13.9 MB - Last synced at: about 1 month ago - Pushed at: 3 months ago - Stars: 3 - Forks: 0

Al-shwaib/burpsuite-mastery-guide

🔒 A comprehensive bilingual (Arabic/English) guide for mastering Burp Suite Pro - from basics to advanced techniques

Size: 24.4 KB - Last synced at: 2 months ago - Pushed at: 6 months ago - Stars: 3 - Forks: 2

FrostFoe/DorkER

Dorker: Brought to you by the CIA (Chaotic Individuals Agency) and proudly sponsored by the FBI (Fatema Bureau of Investigation). A tool so sharp, it doesn't just scrape the surface—it digs deep into the heart of the internet. Handle with care... or don’t. After all, we're not your parents, and you definitely didn’t get this from us. 😎

Language: Python - Size: 4.88 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 3 - Forks: 0

Fear2o/VulnSpectre

Advanced web vulnerability scanner for detecting SQLi, XSS, and open ports with multi-threaded support and detailed logging.

Language: Python - Size: 332 KB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 3 - Forks: 0

rpzfuu/SubScanX

SubScanX is a fast and efficient subdomain discovery tool designed for security professionals and developers. It helps you uncover hidden subdomains associated with any domain, enhancing your security assessments and understanding of the attack surface.

Language: Python - Size: 406 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 3 - Forks: 0

vontanne/secure-hasher

A lightweight, dependency-free hashing library for Node.js, providing essential functionalities to hash and compare data securely.

Language: JavaScript - Size: 13.7 KB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 0

to016/CTFs

Language: JavaScript - Size: 195 MB - Last synced at: over 1 year ago - Pushed at: over 1 year ago - Stars: 3 - Forks: 1

rikurauhala/hack-this 📦

A web application written in TypeScript to demonstrate common security flaws and vulnerabilities

Language: TypeScript - Size: 740 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 3 - Forks: 0

robyfirnandoyusuf/NoSQLInsanity

NoSQLInsanity: Tool for Security Assesment NoSQL (Linear Search VS Binary Search)

Language: Python - Size: 98.6 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 3 - Forks: 0

maximebories/regexp-scraper

Advanced used of Puppeteer to scrape a web engine results against a RegExp

Language: TypeScript - Size: 23.4 KB - Last synced at: 19 days ago - Pushed at: about 2 years ago - Stars: 3 - Forks: 0

anshumanpattnaik/hackbotone-api

HackbotOne API Using Django REST Framework

Language: Python - Size: 194 KB - Last synced at: 3 months ago - Pushed at: over 2 years ago - Stars: 3 - Forks: 0

purpleteam-labs/purpleteam-lambda

AWS Lambda functions of OWASP PurpleTeam

Language: JavaScript - Size: 305 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 3 - Forks: 2

VEIL-IMIST-SEC/VmSecMap

一个为广大安全人员整合的知识框架，目前会涉及到Web安全、Java安全研究、红蓝对抗、应急响应、APP、SRC、CTF等。

Size: 10.8 MB - Last synced at: almost 2 years ago - Pushed at: almost 3 years ago - Stars: 3 - Forks: 0

zbo14/jspeye

A command-line tool that identifies interesting assignments/expressions in JavaScript files

Language: JavaScript - Size: 231 KB - Last synced at: 9 days ago - Pushed at: about 3 years ago - Stars: 3 - Forks: 1

Ectario/jwtbreaker

jwtbreaker - Bruteforce JWT token with a password list

Language: Python - Size: 30.3 KB - Last synced at: almost 2 years ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 0

0xhebi/BND-Recruitment-2021-CTF-Web-Security

[CTF] BND (Federal Intelligence Service) Recruitment 2021 All Web Security Challenges Writeup

Size: 2.51 MB - Last synced at: 10 months ago - Pushed at: over 3 years ago - Stars: 3 - Forks: 3

zbo14/polypath

Request many paths across many web hosts with many HTTP methods and see responses when they're different

Language: Go - Size: 6.84 KB - Last synced at: 2 months ago - Pushed at: almost 5 years ago - Stars: 3 - Forks: 0

githubokkk/Byakugan-Finder

**Byakugan Finder** 👁️ is a fast and efficient **admin panel scanner** that helps penetration testers discover hidden login pages on websites. Inspired by the **Byakugan** from *Naruto*, it uses **multithreading** for speed, supports **custom wordlists**, and saves results automatically. ⚡ Perfect for ethical hacking and security testing! 🚀

Language: Python - Size: 8.79 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 2 - Forks: 0

michardy/account-hijacking-prevention

Software that blocks account hijacking attacks.

Language: Python - Size: 268 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 2 - Forks: 0

cosmin-panescu/Web-Vulnerability-Scanner

📌 Web Vulnerability Scanner

Language: Python - Size: 17.2 MB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 2 - Forks: 0

7underlines/sw-secure-deploy

Security configs and deployment tips for a secure Shopware 6 setup.

Size: 35.2 KB - Last synced at: 6 days ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

mgiannopoulos24/CTF-Challenges

Writeups for CTF Challenges.

Language: Python - Size: 146 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 1

SusmoyNath/CyberSecurity-Server_Side_Template_Injection

💥 ServerSideTemplateInjection (SSTI) Demo with Flask A simple Flask app to demonstrate Server-Side Template Injection vulnerabilities — useful for learning, testing, and understanding how SSTI works and how to avoid it.

Language: Python - Size: 3.01 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 2 - Forks: 0

BirdsAreFlyingCameras/WebParse

A web parsing script to extract names, addresses, phone numbers, and emails from a webpage.

Language: Python - Size: 15.3 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

ieozfr/wordpress-sqli-scanner

EN: Automated WordPress SQL Injection vulnerability scanner and database dumper using Google Dorks, threading, proxy support, and sqlmap integration. TR: Google Dorklar, çoklu tarama ve proxy desteği ile WordPress SQL Injection zaafiyetlerini tespit eden ve veritabanı bilgilerini otomatik çeken Python aracı.

Language: Python - Size: 99.6 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 2 - Forks: 0

ClaudiasLibrary/webAppSec

This tool automates the process of auditing a web application for common security vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and missing HTTP security headers. The results of the audit are stored in an HTML report for easy review.

Language: Python - Size: 11.7 KB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 2 - Forks: 0

Jieyab89/LaraVuln

LaraVuln, a simple web application aimed at security test labs and application development. Can be done by many test methods such as black box, white box and gray box, this web can be used for web security.

Language: PHP - Size: 21.5 MB - Last synced at: about 2 months ago - Pushed at: 4 months ago - Stars: 2 - Forks: 2

Idriz4work/HTB

Hack The Box (HTB) is an online platform for practicing ethical hacking and cybersecurity skills through real-world challenges and virtual labs.

Language: HTML - Size: 4.31 MB - Last synced at: 3 months ago - Pushed at: 5 months ago - Stars: 2 - Forks: 0

vytaux/zylyty-web-forum-app

A highly-efficient, dynamic, and secure REST API backend for a web forum application. Built with Java and Spring Boot, it supports user registration and authentication, category management, thread creation, post management, and search functionality. The backend is fully dockerized, enabling rapid deployment and scalability in any environment.

Language: Java - Size: 43 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 2 - Forks: 0

CyberSphinxxx/PasswordSentinel

PasswordSentinel is a secure, local-only password manager built with HTML5, CSS3, and JavaScript. All data stays on your device, ensuring complete privacy while offering strong password generation and safe storage.

Language: HTML - Size: 1.31 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 2 - Forks: 0

ahossu/Vianu-Hack-Lessons

The training sessions held by the Cyber Security club at 'Tudor Vianu' High School in Bucharest, Romania.

Language: Python - Size: 1.51 MB - Last synced at: about 2 months ago - Pushed at: 7 months ago - Stars: 2 - Forks: 0

ashwaynn/A-CTFplayer-s-Humble-Notebook

A living notebook containing the details of frequent as well as unique attack techniques, cmds for various security tools etc.

Size: 78.1 KB - Last synced at: 10 months ago - Pushed at: 10 months ago - Stars: 2 - Forks: 0

HyggeHalcyon/HackTheBox

HackTheBox scripts and writeups

Language: PHP - Size: 111 MB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 2 - Forks: 0

FilipRokita/AntiCCScam

AntiCCScam is a Python script that combats credit card fraud by sending fake data to scam websites, disrupting their malicious operations. This tool generates and automates the flooding of scam sites with random credit card information for educational and ethical purposes.

Language: Python - Size: 6.84 KB - Last synced at: 2 months ago - Pushed at: 11 months ago - Stars: 2 - Forks: 0