A curated list of Web Security materials and resources.

Awesome Web Security

🐶 Curated list of Web Security materials and resources.

Needless to say, most websites online suffer from various types of bugs, which might eventually lead to vulnerabilities. Why does this happen so often? Many factors can be involved, including misconfiguration, engineers' lack of security skills, and so on. Therefore, here is a curated list of Web Security materials and resources for learning cutting-edge penetration techniques.

Please read the contribution guidelines before contributing.


🌈 Want to strengthen your penetration skills?
I would recommend playing some awesome-ctfs.


Check out my repos 🐾 or say hi on my Twitter.

Contents

Forums

Resources

Tips

XSS - Cross-Site Scripting

CSV Injection

SQL Injection

Command Injection

ORM Injection

FTP Injection

XXE - XML eXternal Entity

CSRF - Cross-Site Request Forgery

SSRF - Server-Side Request Forgery

Rails

AngularJS

SSL/TLS

Webmail

NFS

AWS

Fingerprint

Sub-domain Enumeration

Crypto

Books

Evasions

CSP

WAF

JSMVC

Authentication

Tricks

Remote Code Execution

XSS

SQL Injection

NoSQL Injection

FTP Injection

SSRF

Header Injection

URL

Others

Browser Exploitation

Frontend (such as CSP bypass, URL spoofing, and the like)

Backend (the core of the browser implementation, often referring to the C or C++ part)

PoCs

JavaScript

Tools

Auditing

  • prowler - Tool for AWS security assessment, auditing and hardening by @Alfresco.

Reconnaissance

  • FOCA - FOCA (Fingerprinting Organizations with Collected Archives) is a tool used mainly to find metadata and hidden information in the documents it scans, by ElevenPaths.
  • xray - XRay is a tool for recon, mapping and OSINT gathering from public networks by @evilsocket.
  • Shodan - Shodan is the world's first search engine for Internet-connected devices by @shodanhq.
  • Censys - Censys is a search engine that allows computer scientists to ask questions about the devices and networks that compose the Internet by University of Michigan.
  • urlscan.io - Service which analyses websites and the resources they request by @heipei.
  • ZoomEye - ZoomEye is a search engine for cyberspace by @zoomeye_team.
  • FOFA - Cyberspace asset search engine by 白帽汇.
  • NSFOCUS - Threat intelligence portal by NSFOCUS GLOBAL.
  • 傻蛋联网设备搜索 - Monitors security threats to Internet infrastructure by @傻蛋搜索.
  • gitrob - Reconnaissance tool for GitHub organizations by @michenriksen.
  • raven - raven is a LinkedIn information gathering tool that can be used by pentesters to gather information about an organization's employees using LinkedIn by @0x09AL.
  • ReconDog - Recon Dog is an all-in-one tool for all your basic information gathering needs by @UltimateHackers.
  • AQUATONE - Tool for Domain Flyovers by @michenriksen.
  • domain_analyzer - Analyze the security of any domain by finding all the information possible by @eldraco.
  • VirusTotal domain information - Searching for domain information by VirusTotal.
  • Certificate Transparency - Google's Certificate Transparency project fixes several structural flaws in the SSL certificate system by @google.
  • Certificate Search - Enter an Identity (Domain Name, Organization Name, etc), a Certificate Fingerprint (SHA-1 or SHA-256) or a crt.sh ID to search certificate(s) by @crtsh.

Code Generating

Fuzzing

Penetrating

  • Burp Suite - Burp Suite is an integrated platform for performing security testing of web applications by portswigger.
  • mitmproxy - Interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers by @mitmproxy.

Offensive

Template Injection

  • tplmap - Code and Server-Side Template Injection Detection and Exploitation Tool by @epinna.

Leaking

Detecting

  • sqlchop - [DEPRECATED] Novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis by chaitin.
  • retire.js - Scanner detecting the use of JavaScript libraries with known vulnerabilities by @RetireJS.
  • malware-jail - Sandbox for semi-automatic JavaScript malware analysis, deobfuscation and payload extraction by @HynekPetrak.
  • repo-supervisor - Scan your code for security misconfiguration, search for passwords and secrets.
  • bXSS - bXSS is a simple Blind XSS application adapted from cure53.de/m by @LewisArdern.

Preventing

  • js-xss - Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a whitelist by @leizongmin.

Webshell

Disassembler

Others

  • Dnslogger - DNS Logger by @iagox86.
  • CyberChef - The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis - by @GCHQ.

Social Engineering Database

Use at your own risk.

Blogs

Twitter Users

  • @HackwithGitHub - Initiative to showcase open source hacking tools for hackers and pentesters.
  • @filedescriptor - Active penetrator who often tweets and writes useful articles.
  • @cure53berlin - Cure53 is a German cybersecurity firm.
  • @XssPayloads - The wonderland of JavaScript unexpected usages, and more.
  • @kinugawamasato - Japanese web penetrator.
  • @h3xstream - Security Researcher, interested in web security, crypto, pentest, static analysis but most of all, samy is my hero.
  • @garethheyes - English web penetrator.
  • @hasegawayosuke - Japanese JavaScript security researcher.

Practices

Application

AWS

XSS

ModSecurity / OWASP ModSecurity Core Rule Set

Community

Miscellaneous

Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

License

CC0

To the extent possible under law, @qazbnm456 has waived all copyright and related or neighboring rights to this work.