Cross-Site Scripting (XSS) is one of the most well-known web application vulnerabilities. It even has a dedicated chapter in the OWASP Top 10 project and it is...
Tag - OWASP
nginx Docker image secure by default. Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx...
OctopusWAF is an open source web application firewall, written in C, that uses libevent to make multiple connections. First step: install lib-pcre, if you use...
APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck: APICheck focuses not only on the security testing and hacking use cases...
The HUD is a new interface that provides the functionality of ZAP directly in the browser. Learn more: Blog: Hacking with a Heads Up Display Video: The OWASP ZAP...
Threat Dragon is a free, open-source, cross-platform threat modeling application including system diagramming and a rule engine to auto-generate...
Maryam is a full-featured open-source intelligence (OSINT) framework written in Python. Complete with independent modules, built in functions, interactive...
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities. Idea for this script comes from this post on...
OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an open source project written in the Perl programming language to detect Joomla...
Modern applications leverage the availability of existing components for use as building blocks in application development. By using existing components...