Web Application Tools

462 tools
OpenDoor
OpenDoor
Open Source Reconnaissance Web Application

OWASP WEB Directory Scanner [](https://twitter.com/intent/tweet?text=Wow:&url=https://github.com/stanislav-web/OpenDoor) ===================…
openftp4
openftp4
Open Source Web Application

A list of all FTP servers in IPv4 that allow anonymous logins.
orgs-data
orgs-data
Free Reconnaissance Web Application

Mapping from bug bounty and vulnerability disclosure programs to respective GitHub organizations
OWASP ZAP
OWASP ZAP
Open Source Kali Scanning & Enumeration Web Application

OWASP's Zed Attack Proxy — one of the world's most popular free web application security scanners. Features active/passive scanning, spideri…
owasp-java-encoder
owasp-java-encoder
Open Source Web Application

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This pro…
OWASP-Testing-Guide-Checklist
OWASP-Testing-Guide-Checklist
Free Web Application

OWASP based Web Application Security Testing Checklist
owtf
owtf
Open Source Kali Web Application

Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org …
passive_web_scanner
passive_web_scanner
Open Source Web Application

Passive web vulnerability scanner for ethical diagnostics
PasteJacker
PasteJacker
Free Exploitation Web Application

Hacking systems with the automation of PasteJacking attacks.
pathbuster
pathbuster
Open Source Web Application

A path-normalization pentesting tool.
Payloader
Payloader
Free Exploitation Web Application

渗透测试Payload速查平台 | Pentest Payload Quick Reference | XSS/SQLi/SSRF/RCE | React+TypeScript
PayloadsAllThePDFs
PayloadsAllThePDFs
Open Source Web Application

PayloadsAllTheThings
PayloadsAllTheThings
Open Source Exploitation Post-Exploitation

A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Penetration_Testing_POC
Penetration_Testing_POC
Open Source Exploitation Web Application

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub…
penetration-testing-cheat-sheet
penetration-testing-cheat-sheet
Open Source Exploitation Reconnaissance

This is more of a checklist for myself. May contain useful tips and tricks.
penetration-testing-roadmap
penetration-testing-roadmap
Free Web Application

Complete Roadmap for Penetration Testing
pentagi
pentagi
Open Source Web Application

Fully autonomous AI Agents system capable of performing complex penetration testing tasks
pentest
pentest
Open Source Exploitation Web Application

Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
pentest_lab
pentest_lab
Open Source Web Application

Local penetration testing lab using docker-compose.
pentest-ai
pentest-ai
Open Source Exploitation Reconnaissance

The most autonomous pentesting AI on the market. MCP server + Python agents with 150+ security tools, exploit chaining, and PoC validation.
pentest-ai-agents
pentest-ai-agents
Open Source Kali Exploitation Web Application

Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagemen…
Pentest-Swarm-AI
Pentest-Swarm-AI
Open Source Web Application

Autonomous penetration testing using a swarm of AI agents. Orchestrates recon, classification, exploitation, and reporting specialists with …
pentestkit
pentestkit
Open Source Web Application

OWASP PTK - application security browser extension.
Photon
Photon
Open Source Reconnaissance Web Application

Fast web crawler designed for OSINT. Extracts URLs, emails, social media accounts, Amazon S3 buckets, Bitcoin wallets, and files from a targ…