Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
A curated list of resources for learning about application security
XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
Nano is a family of PHP web shells which are code golfed for stealth.
Simple php reverse shell implemented using binary .
Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex
Simple websites vulnerable to Server Side Template Injections(SSTI)
Some of the best web shells that you might need!
Cheap & Nasty Wordpress Command Execution Shell
Facebook Phishing Undetected Desktop & Mobile Version (Greek_Locale)
This repository contains the source code of the web panel I have used in my book series of books: Cyber and Penetration Testing – Web Penetration Testing.