Web Security
Explore 266 curated cybersecurity tools, with 14,884 visitors searching for solutions
FEATURED
A security feature to prevent unexpected manipulation of fetched resources.
A security feature to prevent unexpected manipulation of fetched resources.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
Web inventory tool that captures screenshots of webpages and includes additional features for enhanced usability.
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
A tool that uses Apache mod_rewrite to redirect invalid URIs to a specified URL
Cybersecurity industry portal offering articles, tools, and resources.
A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.
A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
A deliberately vulnerable web application that uses WebSocket communication to provide a training environment for learning about WebSocket-related security vulnerabilities.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
secrepo.com is a curated repository providing access to various cybersecurity datasets including Snort logs, LANL datasets, and other security research data for analysis and testing purposes.
secrepo.com is a curated repository providing access to various cybersecurity datasets including Snort logs, LANL datasets, and other security research data for analysis and testing purposes.
A free online tool that scans and fixes common security issues in WordPress websites.
A free online tool that scans and fixes common security issues in WordPress websites.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
ZAP is an open-source web application security scanner that helps identify vulnerabilities through automated scanning and manual testing capabilities.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
A deliberately vulnerable web application written in under 100 lines of Python code for educational purposes and web security testing.
An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.
An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.
ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.
ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
Web-application vulnerability scanner with extensive coverage of security testing modules.
Web-application vulnerability scanner with extensive coverage of security testing modules.
A blog post discussing the often overlooked dangers of CSV injection in applications.
A blog post discussing the often overlooked dangers of CSV injection in applications.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
Wfuzz is a tool designed for bruteforcing Web Applications with multiple features like multiple injection points, recursion, and payload combinations.
A tool for automated security scanning of web applications and manual penetration testing.
A tool for automated security scanning of web applications and manual penetration testing.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
Ensnare is a Ruby on Rails gem that deploys honey traps and automated responses to detect and interfere with malicious behavior in web applications.
Ensnare is a Ruby on Rails gem that deploys honey traps and automated responses to detect and interfere with malicious behavior in web applications.
A vulnerable web site for testing Sentinel features
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
A Burp Suite plugin that performs intelligent content discovery by analyzing current requests to identify directories, files, and variations based on the application's structure.
