Discover hahwul/XSS-Payload-without-Anything Open Source project

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

3,764

dalfox

3,504

DevSecOps

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

1,716

XSpear

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

1,157

jwt-hack

748

MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

682

a2sv

Auto Scanning to SSL Vulnerability

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

617

authz0

386

mad-metasploit

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

(deprecated) Android application vulnerability analysis and Android pentest tool

382

droid-hunter

db_autopwn plugin of metasploit

288

metasploit-autopwn

🏴‍☠️ Find dead-links (broken links)

199

deadfinder

🔭 Collection of regexp pattern for security passive scanning

127

RegexPassive

112

mzap

⚡️ Multiple target ZAP Scanning

101

hack-pet

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

s3reverse

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

gee

🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go

websocket-connection-smuggler

gitls

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline

ws-smuggler

WebSocket Connection Smuggler

ras-fuzzer

RAS(RAndom Subdomain) Fuzzer

MemBi

All the members of bugbounty and infosec. If you don't know who to follow, see!

backbomb

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment

hbxss

Security test tool for Blind XSS

XSS scanning with Dalfox on Github-action

fuzzstone

My fuzz repo!

JavaScript

action-dalfox

Dockerfile

recon-raven

Reconnaissance tool of Penetration test & Bug Bounty

XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnerabilities.

xssmaze

♠️ Noir is an attack surface detector form source code.

noir

assets for www.hahwul.com

assets.hahwul.com

SWF Vulnerability & Information Scanner

vais

HTML

can-i-protect-xss

Everything about xss protection technology

volt

⚡ Golang library for quick make pentest tools

raven

Automation Hacking & Penetration Testing Suite

Auto Web Vulnerability Scanning Framework

vunlink

websocket-connection-smuggling write in go

hahwul

about me!

websocket-connection-smuggling-go

zest-env

🐋 Zest CLI Environment

This repo is a sample repo for Github Action Injection.

github-aciton-injection-test

awesome-zap-extensions

A curated list of amazingly awesome ZAP Extensions

VAHA

Web for security engineer & hacker

jqueen

buildpack-nmap

install nmap and set alias buildpack of heroku

remote markdown document to html on DOM

m2h.js

JavaScript

homebrew-dalfox

tool, page code for https://www.hahwul.com

zap-cloud-scan

hahwul-testzz

HTML

qs-openvpn

quick setup openvpn

Encoding Only Your Choices

eoyc

A Ruby Implementation and Library for Easy Utilization of ZAP API

zaproxy-ruby

Live OS for Physical hacking

cyan-snake

Easy testing from multiple android devices

podopunch

OpenVAS Scanner Install Script on Debian

openvas_install_script

rings

homebrew-jwt-hack

zap(zed attack proxy) daemon mode buildpack of heroku

buildpack-zap-daemon

Web page response time checker

CaidoTweaks

restime

exploit-db(edb) convert to dokuwiki template

exploit-db_to_dokuwiki

backbomb homebrew repository

homebrew-backbomb

Vulnerability analysis to javascript using javascript and web debugger

booungJS

JavaScript

homebrew-authz0

simple copy to file to clipboard

licaner

ftc

struts2-rce-cve-2017-9805-ruby

cve -2017-9805

homebrew-mzap

go get error patched version

go-github-selfupdate-patched

crystal-smuggle

Toy :D

Jekyll plugin for security.txt

jekyll-securitytxt

custom scheme testing tool with checklist

shooting-scheme

action-authz0-test

mycert

lab

homebrew-gee

homebrew-s3reverse

caido-crystal

Caido implementation for crystal

It is a Caido theme made to feel blue, the representative dawn color of Seoul.

heroku-buildpack-geckodriver

dawn-of-seoul

vuln_test

projectsend_r582_webshell

ProjectSend_r582_webshell exploit

homebrew-eoyc

bad-usb-scripts

purl.cr