Discover hahwul/ras-fuzzer Open Source project by HAHWUL (@hahwul)

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

3,581

dalfox

3,152

DevSecOps

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

1,565

XSpear

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)

1,084

jwt-hack

707

MobileHackersWeapons

Mobile Hacker's Weapons / A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting

624

a2sv

Auto Scanning to SSL Vulnerability

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

610

mad-metasploit

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

373

authz0

341

droid-hunter

(deprecated) Android application vulnerability analysis and Android pentest tool

db_autopwn plugin of metasploit

287

metasploit-autopwn

🏴‍☠️ Find dead-links (broken links)

192

deadfinder

🔭 Collection of regexp pattern for security passive scanning

123

RegexPassive

109

mzap

⚡️ Multiple target ZAP Scanning

hack-pet

🐰 Managing command snippets for hackers/bug bounty hunters. with pet.

XSS-Payload-without-Anything

XSS Payload without Anything.

gee

🏵 Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addition, it was written as go

s3reverse

The format of various s3 buckets is convert in one format. for bugbounty and security testing.

websocket-connection-smuggler

gitls

🖇 Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline

ws-smuggler

WebSocket Connection Smuggler

MemBi

All the members of bugbounty and infosec. If you don't know who to follow, see!

backbomb

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment

hbxss

Security test tool for Blind XSS

XSS scanning with Dalfox on Github-action

fuzzstone

My fuzz repo!

JavaScript

action-dalfox

Dockerfile

recon-raven

Reconnaissance tool of Penetration test & Bug Bounty

SWF Vulnerability & Information Scanner

vais

HTML

noir

♠️ Noir is an attack surface detector form source code.

XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnerabilities.

xssmaze

assets for www.hahwul.com

asset-of-hahwul.com

Everything about xss protection technology

can-i-protect-xss

volt

⚡ Golang library for quick make pentest tools

raven

Automation Hacking & Penetration Testing Suite

Auto Web Vulnerability Scanning Framework

vunlink

websocket-connection-smuggling write in go

websocket-connection-smuggling-go

hahwul

about me!

zest-env

🐋 Zest CLI Environment

A curated list of amazingly awesome ZAP Extensions

awesome-zap-extensions

github-aciton-injection-test

This repo is a sample repo for Github Action Injection.

VAHA

Web for security engineer & hacker

buildpack-nmap

install nmap and set alias buildpack of heroku

remote markdown document to html on DOM

jqueen

m2h.js

JavaScript

zap-cloud-scan

homebrew-dalfox

tool, page code for https://www.hahwul.com

hahwul-testzz

HTML

qs-openvpn

quick setup openvpn

Encoding Only Your Choices

eoyc

A Ruby Implementation and Library for Easy Utilization of ZAP API

zaproxy-ruby

Live OS for Physical hacking

cyan-snake

Easy testing from multiple android devices

podopunch

OpenVAS Scanner Install Script on Debian

openvas_install_script

rings

licaner

homebrew-jwt-hack

zap(zed attack proxy) daemon mode buildpack of heroku

buildpack-zap-daemon

Web page response time checker

restime

exploit-db(edb) convert to dokuwiki template

exploit-db_to_dokuwiki

backbomb homebrew repository

homebrew-backbomb

Vulnerability analysis to javascript using javascript and web debugger

booungJS

JavaScript

gospider

Gospider - Fast web spider written in Go

arachni

Web Application Security Scanner Framework

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports

owasp-projects

bounty-targets-data

homebrew-authz0

struts2-rce-cve-2017-9805-ruby

cve -2017-9805

homebrew-mzap

go get error patched version

go-github-selfupdate-patched

crystal-smuggle

Toy :D

custom scheme testing tool with checklist

CaidoTweaks

shooting-scheme

ftc

simple copy to file to clipboard

Heroku geckodriver buildpack for Selenium use with Firefox

action-authz0-test

geckodriver-buildpack

mycert

lab

homebrew-gee

jekyll-securitytxt

Jekyll plugin for security.txt

homebrew-s3reverse

ProjectSend_r582_webshell exploit

heroku-buildpack-geckodriver

vuln_test

projectsend_r582_webshell

homebrew-eoyc

golang logger for hahwul z

hlogger

caido-crystal

Caido implementation for crystal