Lists (6)
Stars
Hide secret messages in plain sight using invisible Unicode variation selectors!
The official repository of Mozilla's Firefox web browser.
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
Damn Vulnerable Restaurant is an intentionally vulnerable Web API game for learning and training purposes dedicated to developers, ethical hackers and security engineers.
BChecks collection for Burp Suite Professional and Burp Suite DAST
CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scripting) vulnerabilities on sites where injections are blocke…
A high performance go implementation of Wappalyzer Technology Detection Library
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Unicode characters that will translate a single character to multiple characters in domain names or TLD's
Using django to simulate SQL injection and HTTP Parameter Pollution
A python script that finds endpoints in JavaScript files
Chapar is a simple and easy to use api testing tools aims to help developers to test their api endpoints. it support http and grpc protocols.
A fast tool to scan CRLF vulnerability written in Go
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to…
Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.
A collection of HAR files for developing against the HAR spec
Automagically reverse-engineer REST APIs via capturing traffic
Attack surface detector that identifies endpoints by static analysis
An innovative superfamily of fonts for code
Library for accessing HTTP Archives (HAR) with Java