Web Application Tools

462 tools
awesome-web-hacking
awesome-web-hacking
Open Source Exploitation Web Application

A list of web application security
AwesomeXSS
AwesomeXSS
Open Source Web Application

This repository is a collection of Awesome XSS resources. Contributions are welcome and should be submitted via an issue.
axiom
axiom
Open Source Scanning & Enumeration Web Application

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf…
BB-legal-FR
BB-legal-FR
Open Source Web Application

Quelques conseils autour des obligations légales, fiscales et juridique pour la pratique du Bug Bounty en France
BCHackTool
BCHackTool
Free Exploitation Reconnaissance

🔥 Professional Penetration Testing Framework v4.0 - Automated subdomain enumeration, vulnerability scanning with Nuclei, port scanning, and …
bearer
bearer
Free Exploitation Reverse Engineering

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
BeEF
BeEF
Open Source Kali Exploitation Social Engineering

Browser Exploitation Framework. Hooks web browsers via JavaScript and provides extensive command modules for session hijacking, social engin…
Berserker
Berserker
Free Exploitation Scanning & Enumeration

A list of useful payloads for Web Application Security and Pentest/CTF
beyond-xss
beyond-xss
Free Web Application

Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
Black-Hat-GraphQL
Black-Hat-GraphQL
Free Web Application

The Black Hat GraphQL Book Repository
black-hat-rust
black-hat-rust
Open Source Exploitation Post-Exploitation

Applied offensive security with Rust - https://kerkour.com/black-hat-rust
BlackWidow
BlackWidow
Free Exploitation Reconnaissance

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
BLT
BLT
Open Source Web Application

A community-driven OWASP Foundation project building open-source tools for vulnerability reporting, bug tracking, security automation & cont…
bluemonday
bluemonday
Open Source Web Application

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Bot-Bounty
Bot-Bounty
Free Web Application

Python Script for Telegram Bot is specially built for pentest & bug bounty. It's like a telegram shell.
browser-identity-attacks-matrix
browser-identity-attacks-matrix
Free Web Application

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats …
BSCP
BSCP
Free Web Application

Cheatsheet, Notes, Payloads and Mayhem for Burp Suite Practitioner Exam (BSCP)
Bug_Bounty_Tools_and_Methodology
Bug_Bounty_Tools_and_Methodology
Open Source Reconnaissance Web Application

Bug Bounty Tools used on Twitch - Recon
Bug-Bounty
Bug-Bounty
Free Web Application

Bug Bounty ~ Awesomes | Books | Cheatsheets | Checklists | Tools | Wordlists | More
Bug-Bounty-Beginner-Roadmap
Bug-Bounty-Beginner-Roadmap
Free Exploitation Reconnaissance

This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learn…
bug-bounty-writeup
bug-bounty-writeup
Free Exploitation Web Application

This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles
bunkerweb
bunkerweb
Open Source Web Application

🛡️ Open-source and cloud-native Web Application Firewall (WAF)
Burp Suite
Burp Suite
Freemium Kali Web Application

Leading platform for web application security testing. The Community Edition includes an intercepting proxy, repeater, intruder, and decoder…
Burp Suite Extensions (BApp Store)
Burp Suite Extensions (BApp Store)
Freemium Web Application

Marketplace of extensions for Burp Suite covering active/passive scanning, custom insertion points, logging, authentication testing, and int…