Top 16 websecurity Open-Source Projects

• awesome-web-security

  2 10,817 0.0

  🐶 A curated list of Web Security materials and resources.

• xss-payload-list

  6 5,613 0.0

  🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

  

Project mention: XSS example | /r/bugbounty | 2023-06-15

Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• sql-injection-payload-list

  5 4,304 0.0

  🎯 SQL Injection Payload List

  

• HolyTips

  2 1,685 4.1

  A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

• caddy-security

  17 1,234 8.1 Go

  🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐

Project mention: Caddy-Security: Security App and Plugin for Caddy | news.ycombinator.com | 2024-03-17

• cherrybomb

  63 1,042 6.8 Rust

  Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

  

Project mention: Cherrybomb: Audit, validate and test API specifications | news.ycombinator.com | 2023-11-22

• broxy

  1 990 1.8 Go

  An HTTP/HTTPS intercept proxy written in Go.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• Application-Security-Engineer-Interview-Questions

  4 577 0.0

  Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

• ssti-payloads

  1 560 0.0

  🎯 Server Side Template Injection Payloads

  

• jwtXploiter

  3 257 0.0 Python

  A tool to test security of json web token

• Vailyn

  1 187 0.0 Python

  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

• Web_Hacking

  1 186 9.2

  Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.

Project mention: Web Hacking Toolbox | news.ycombinator.com | 2023-10-05

• csv-injection-payloads

  2 169 2.1

  🎯 CSV Injection Payloads

  

• browser-with-fingerprints

  1 81 7.0 JavaScript

  Anonymous automation with fingerprint replacement technology.

Project mention: Bypassing DataDome? | /r/webscraping | 2023-07-11

You can look into this package to change your fingerprint ( I have not checked it at all) https://github.com/CheshireCaat/browser-with-fingerprints

• HTTPCustomHouse

  2 24 0.0 Go

  HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets

• hacker-scoper

  1 22 2.0 Go

  Automagically filter URLs with Bug Bounty program scope rules scraped from the internet.

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

websecurity related posts

• SC
  2 projects | /r/alphonsusswag | 6 Dec 2022
• VainlyStrain/Vailyn - A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
  1 project | /r/GithubSecurityTools | 3 Jun 2021
• BountyStrike/Injectus - CRLF and open redirect fuzzer
  1 project | /r/GithubSecurityTools | 20 Mar 2021

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com