Web Application Tools

462 tools
Security-Assessments-projects-for-Beginners
Security-Assessments-projects-for-Beginners
Free Web Application

Hands-on projects for beginners to learn and practice essential cybersecurity skills through security assessments.
Security-Books
Security-Books
Free Web Application

🛡️ The Ultimate Cybersecurity Library | 160+ curated books, guides & resources covering Ethical Hacking, Penetration Testing, Bug Bounty, Re…
security-study-plan
security-study-plan
Free Web Application

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps a…
security-tools
security-tools
Open Source Reverse Engineering Web Application

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
Sherlock
Sherlock
Open Source Exploitation Web Application

This script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublis…
ship-safe
ship-safe
Open Source Reverse Engineering Web Application

CLI security scanner built for the agentic era. Detects CI/CD misconfigs, agent permission risks, MCP tool injection, hardcoded secrets, and…
SILENTCHAIN
SILENTCHAIN
Free Scanning & Enumeration Web Application

AI-powered vulnerability scanner extension for Burp Suite with multi-provider support (Ollama, OpenAI, Claude, Gemini)
sn0int
sn0int
Open Source Reconnaissance Web Application

Semi-automatic OSINT framework and package manager
SQL-Injection-Payloads
SQL-Injection-Payloads
Free Exploitation Reconnaissance

This repository is a comprehensive collection of SQL Injection Payloads designed for educational, research, and testing purposes. It include…
SQLiDetector
SQLiDetector
Free Web Application

Simple python script supported with BurpBouty profile that helps you to detect SQL injection "Error based" by sending multiple requests with…
sqlifinder
sqlifinder
Free Exploitation Web Application

SQL Injection Vulnerability Scanner made with Python
SQLMap
SQLMap
Open Source Kali Exploitation Web Application

Automatic SQL injection and database takeover tool. Supports detection and exploitation of all major SQL injection types across MySQL, MSSQL…
ssrf-exploit
ssrf-exploit
Open Source Kali Exploitation Web Application

an exploit of Server-side request forgery (SSRF)
SSRF-Testing
SSRF-Testing
Free Web Application

SSRF (Server Side Request Forgery) testing resources
SSRFmap
SSRFmap
Open Source Web Application

Automatic SSRF (Server-Side Request Forgery) fuzzer and exploitation tool. Tests for SSRF vulnerabilities and exploits them to reach interna…
SSRFmap
SSRFmap
Open Source Exploitation Web Application

Automatic SSRF fuzzer and exploitation tool
SSRFPwned
SSRFPwned
Open Source Exploitation Web Application

Checks for SSRF using built-in custom Payloads after fetching URLs from Multiple Passive Sources & applying complex patterns aimed at SSRF
stalker
stalker
Open Source Web Application

Red Kite, the Extensible Attack Surface Management tool.
Sub-Drill
Sub-Drill
Free Reconnaissance Web Application

A very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
SubDomainizer
SubDomainizer
Open Source Reconnaissance Web Application

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Subdominator
Subdominator
Open Source Reconnaissance Web Application

The Internets #1 Subdomain Takeover Tool
Subhunter
Subhunter
Open Source Web Application

A fast subdomain takeover tool
subjack
subjack
Open Source Reconnaissance Web Application

DNS Takeover tool written in Go
SuperLibrary
SuperLibrary
Free Kali Forensics Reverse Engineering

A massive, curated collection of information security books, study guides, cheat sheets, and resources. This library is intended for educati…