Offensive penetration testing. Perform multiple attack types against web applications, vulnerable programs and OSes in predefined and safe test environment

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

La intención de la workshop es mostrar y orientar a los equipos de desarrollo, seguridad y devops (entre otros) que quieran comenzar en DevSecOps, a segurar sus aplicaciones o bien a conocer un poco más acerca del desarrollo seguro, para esto, estaremos otorgando algunos tips e información que fuimos aprendiendo para armar un Pipeline DevSecOps …

acquirer.sh A Automated recon script made by @Albonycal

Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is a highly chased vulnerability in bug bounty programs. The xss finder gets a link from the user and scan the website for XSS vulnerability by injecting malicious scripts at the input place.

This repository documents my hands on experience and assignments during the Columbia University Cybersecurity Program. It includes home labs related to network security, penetration testing, and defensive security

CF Tunnel Gate is a secure Reverse Proxy, Web Application Firewall (WAF), and Intrusion Prevention System(WAF), designed for self-hosted projects and backed with Cloudflare Tunnels.

Bash script to install docker and OWASPs juice-shop vulnerable webapp. Run this and browse to http://localhost:3000

Blind XXE Xtractor is a script created for educational purpose to test Blind XXE vulnerabilities in controlled environments, which has support for local and remote websites with XML requests.

OWASP Juice Shop Laboratory

📚 security - web security