🐶 A curated list of Web Security materials and resources.

Fast subdomains enumeration tool for penetration testers

A fast sub domain brute tool for pentesters

Analyze the security of any domain by finding all the information possible. Made in python.

Find web directories without bruteforce

Web application fuzzer

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

HTTPLeaks - All possible ways, a website can leak HTTP requests

Potentially dangerous files

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Decompiler and deobfuscator that offers support to track discord webhooks inside: blank stealer, luna grabber, thiefcat, Creal and all unobfuscated grabbers

w3af: web application attack and audit framework, the open source web vulnerability scanner.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

A high performance offensive security tool for reconnaissance and vulnerability scanning

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

🌟[NEW] Log by Telegram+Clipper ✅ [0/70] FUD Stealer can bypass all antivirus (Our Grabber can grabs: Wallets, Passwords, Credit Card, Cookies, Autofills, All Discord Token and info, Telegram, Twitt…

Next-Gen Stealer written in Go. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. (PoC. For educational purposes only)

Stealer + Clipper + Keylogger

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar…

javascript-obfuscator cleaner & deobfuscator

Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports