thewation Goto Github PK
Name: Wation
Type: User
Bio: Secure application is not a destination, it's a journey that requires constant attention and adaptation.
Name: Wation
Type: User
Bio: Secure application is not a destination, it's a journey that requires constant attention and adaptation.
The command injection sandbox is a tool for testing command injection vulnerabilities in web apps, in a safe environment.
This web application provides a sandbox environment for testing and learning about command injection and code execution vulnerabilities, with several endpoints for testing different types of vulnerabilities.
CloudSSRFer tests SSRF on Amazon AWS cloud to extract sensitive information.
Designed to showcase the concept of dependency confusion, a security vulnerability that can arise when using package managers like pip.
FavXHasher is a cli tool designed to calculate the hash value of a favicon from a given URL, This tool can be particularly useful for detecting potential phishing websites by leveraging Shodan's search capabilities.
A Pentest tool for exploring GraphQL schemas, executing queries, and managing responses with user-friendly prompts.
The purpose of this code is to demonstrate the potential risks associated with using the `eval()` function with user input.
The NodeJs cookie stealer is a tool that can be used in penetration testing and XSS attacks to steal browser cookies from victims.
Vulnerable code example that illustrates the prototype pollution vulnerability in Node.js.
Express app with Pug templates demonstrating SSTI vulnerability and secure implementation for educational purposes.
Explore NoSQL injection vulnerabilities with this educational project on secure coding practices.
A list of commonly used passwords that should not be used for security purposes
The PHP cookie stealer is a tool that can be used in penetration testing (XSS attacks) to steal browser cookies for poc.
This lab demonstrates a simple example of insecure deserialization in PHP. Insecure deserialization is a vulnerability that can lead to remote code execution when an application deserializes untrusted data.
This repository provides an example PHP application using Twig templates to illustrate Server-Side Template Injection (SSTI) vulnerabilities and a safe implementation.
PHPUpBox is a project that demonstrates file upload security issues in PHP applications.
Various formats that can be used for testing and bypassing server-side MIME type verification during file uploads.
The Python cookie stealer is a tool that can be used in penetration testing and XSS attacks to steal browser cookies from victims.
FastAPI app with Jinja2 SSTI vulnerability example to demonstrate security risks in web applications.
This tool checks whether a target URL is vulnerable to verb tampering.
The project is designed for educational purposes and aims to showcase how a frontend can interact with an API to perform basic CRUD operations.
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
WebSecurityVision is a tool for checking XSS vulnerabilities and security headers in web applications, displaying browser information if vulnerabilities are found.
The PHP sandbox environment is a Docker-based tool for testing XML processing code, with XXE vulnerabilities demonstrated and security considerations explained.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.