Web Application Tools

462 tools
warlusts
warlusts
Free Password Attacks Reconnaissance

If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've ear…
Web_Hacking
Web_Hacking
Free Exploitation Reconnaissance

Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
web-fuzz-wordlists
web-fuzz-wordlists
Open Source Exploitation Web Application

Common Web Managers Fuzz Wordlists
web-security-fundamentals
web-security-fundamentals
Open Source Web Application

Mike North's Web Security Course
web3-bug-bounty-hunting-ai-skills
web3-bug-bounty-hunting-ai-skills
Open Source Web Application

18 Claude Code skill files for smart contract security — built from 2,749 Immunefi reports, 681 DeFiHack reproductions, and real hunt experi…
webapp-wordlists
webapp-wordlists
Free Web Application

This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains …
webcopilot
webcopilot
Open Source Reconnaissance Scanning & Enumeration

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vul…
webdork
webdork
Open Source Reconnaissance Web Application

A Python tool to automate some dorking stuff to find information disclosures.
WebSecurity-Academy-with-Python
WebSecurity-Academy-with-Python
Open Source Exploitation Web Application

Scripts for solving WebSecurity Academy labs of PortSwigger using Python
Webshell-bypass
Webshell-bypass
Free Web Application

A collection of advanced PHP and ASPX web shells designed to bypass security measures.
Wfuzz
Wfuzz
Open Source Kali Scanning & Enumeration Web Application

Web application fuzzer that replaces any reference to the FUZZ keyword with a payload value. Supports multiple encoders, filters, iterators,…
WhatWeb
WhatWeb
Open Source Kali Reconnaissance Web Application

Web scanner that identifies web technologies including CMS, blogging platforms, analytics packages, JavaScript libraries, server frameworks,…
WhatWeb
WhatWeb
Open Source Kali Reconnaissance Web Application

Developed by Andrew Horton urbanadventurer and Brendan Coles bcoles
white-deface
white-deface
Open Source Web Application

This is a simple python tool to automatically deface webdav vulnerable websites.
wifi-penetration-testing-cheat-sheet
wifi-penetration-testing-cheat-sheet
Open Source Web Application Wireless

This is more of a checklist for myself. May contain useful tips and tricks.
WordList
WordList
Free Password Attacks Reconnaissance

Custom wordlist, updated regularly
Wordlists
Wordlists
Free Password Attacks Scanning & Enumeration

[Custom || Automated] Curation & Collection of BugBounty Wordlists
WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956
Free Exploitation Web Application

WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a Wo…
wordpress-malware
wordpress-malware
Free Exploitation Web Application

Collection of malware files found on hacked WordPress sites
Wordpress-XMLRPC-Brute-Force-Exploit
Wordpress-XMLRPC-Brute-Force-Exploit
Free Exploitation Web Application

Wordpress XMLRPC System Multicall Brute Force Exploit (0day) by 1N3 @ CrowdShield
Workflow-Bug-Bounty
Workflow-Bug-Bounty
Open Source Web Application

You can Support me by register or use digitalocean
wpgarlic
wpgarlic
Open Source Scanning & Enumeration Web Application

A proof-of-concept WordPress plugin fuzzer
wpprobe
wpprobe
Open Source Exploitation Reconnaissance

A fast WordPress plugin enumeration tool
WPScan
WPScan
Freemium Kali Web Application

WordPress security scanner. Enumerates WordPress installations for vulnerable plugins, themes, and configurations. Checks usernames, timthum…