Web Application Tools

462 tools
Damn-Vulnerable-GraphQL-Application
Damn-Vulnerable-GraphQL-Application
Open Source Exploitation Web Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising…
DDoS-Ripper
DDoS-Ripper
Open Source Exploitation Web Application

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Interne…
devguard
devguard
Free Exploitation Web Application

DevGuard Backend - Secure your Software Supply Chain - Attestation-based compliance as Code, manage your CVEs seamlessly, Integrate your Vul…
diccionarios
diccionarios
Open Source Password Attacks Scanning & Enumeration

Diccionarios de: usuarios, passwords, XSS, ficheros, carpetas, dorks, etc .. ( hackingyseguridad.com )
diodb
diodb
Free Web Application

Open-source vulnerability disclosure and bug bounty program database
dioterms
dioterms
Free Web Application

Open-source vulnerability disclosure policy templates.
dirsearch
dirsearch
Free Exploitation Password Attacks

distributed-jwt-cracker
distributed-jwt-cracker
Open Source Password Attacks Web Application

An experimental distributed JWT token cracker built using Node.js and ZeroMQ
DLLHijackHunter
DLLHijackHunter
Open Source Exploitation Post-Exploitation

Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.
Dojo-101
Dojo-101
Open Source Forensics Web Application

Offline Cybersecurity Knowledge Base
domain-locker
domain-locker
Open Source Web Application

🌐 The all-in-one tool, for keeping track of your domain name portfolio. Got domain names? Get Domain Locker!
DOMClobbering
DOMClobbering
Open Source Web Application

DOM Clobbering Wiki, Browser Testing, and Payload Generation
DOMPurify
DOMPurify
Free Web Application

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers …
domscan
domscan
Free Web Application

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
Droopescan
Droopescan
Open Source Web Application

Plugin-based scanner that aids security researchers in identifying issues with Drupal, SilverStripe, and WordPress sites. Detects plugins, t…
EasY_HaCk
EasY_HaCk
Open Source Exploitation Scanning & Enumeration

1. Hack the World using Termux this tool is developed by sabri.zaki for penetration testing using 2. metasploit-framework 3. sqlmap 4. nmap …
eCPPTv3-Notes
eCPPTv3-Notes
Open Source Exploitation Post-Exploitation

INE/eLearnSecurity Certified Professional Penetration Tester (eCPPT) / PTP v2 and v3 Notes
Egyscan
Egyscan
Open Source Exploitation Web Application

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malici…
elevation-of-privilege
elevation-of-privilege
Open Source Web Application

An online multiplayer version of the threat modeling card games: Elevation of Privilege (EoP), OWASP Cornucopia, OWASP Cumulus, and Elevatio…
Email-Vulnerability-Checker
Email-Vulnerability-Checker
Open Source Web Application

Find Email Spoofing Vulnerablity of domains
EnhancedBurpGPT
EnhancedBurpGPT
Open Source Exploitation Scanning & Enumeration

Enhanced BurpGPT 是一个强大的 Burp Suite 插件。通过分析指定的 HTTP 请求和响应,帮助安全测试人员更快速地发现潜在的安全漏洞。
Ensemble
Ensemble
Open Source Exploitation Web Application

A Bug Bounty Platform that allows hunters to issue commands over a geo-distributed cluster. The ideal user is someone who is attempting to s…
Evilginx2
Evilginx2
Open Source Social Engineering Web Application

Standalone man-in-the-middle attack framework that bypasses 2FA by proxying authentication sessions and capturing session cookies. Uses phis…
eWPTv2-Notes
eWPTv2-Notes
Open Source Exploitation Web Application

INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes