├── LICENSE └── README.md /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2022 Daniel Romero 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # awesome-web-hacking 2 | This list is for anyone wishing to learn about web application security but do not have a starting point. 3 | 4 | You can help by sending Pull Requests to add more information. 5 | 6 | If you're not inclined to make PRs you can tweet me at `@infoslack` 7 | 8 | Table of Contents 9 | ================= 10 | 11 | * [Books](#books) 12 | * [Documentation](#documentation) 13 | * [Tools](#tools) 14 | * [Cheat Sheets](#cheat-sheets) 15 | * [Docker](#docker-images-for-penetration-testing) 16 | * [Vulnerabilities](#vulnerabilities) 17 | * [Courses](#courses) 18 | * [Online Hacking Demonstration Sites](#online-hacking-demonstration-sites) 19 | * [Labs](#labs) 20 | * [SSL](#ssl) 21 | * [Security Ruby on Rails](#security-ruby-on-rails) 22 | 23 | ## Books 24 | 25 | * http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/8126533404/ The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 26 | * http://www.amazon.com/Hacking-Web-Apps-Preventing-Application/dp/159749951X/ Hacking Web Apps: Detecting and Preventing Web Application Security Problems 27 | * http://www.amazon.com/Hacking-Exposed-Web-Applications-Third/dp/0071740643/ Hacking Exposed Web Applications 28 | * http://www.amazon.com/SQL-Injection-Attacks-Defense-Second/dp/1597499633/ SQL Injection Attacks and Defense 29 | * http://www.amazon.com/Tangled-Web-Securing-Modern-Applications/dp/1593273886/ The Tangled WEB: A Guide to Securing Modern Web Applications 30 | * http://www.amazon.com/Web-Application-Obfuscation-Evasion-Filters/dp/1597496049/ Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-' 31 | * http://www.amazon.com/XSS-Attacks-Scripting-Exploits-Defense/dp/1597491543/ XSS Attacks: Cross Site Scripting Exploits and Defense 32 | * http://www.amazon.com/Browser-Hackers-Handbook-Wade-Alcorn/dp/1118662091/ The Browser Hacker’s Handbook 33 | * http://www.amazon.com/Basics-Web-Hacking-Techniques-Attack/dp/0124166008/ The Basics of Web Hacking: Tools and Techniques to Attack the Web 34 | * http://www.amazon.com/Web-Penetration-Testing-Kali-Linux/dp/1782163166/ Web Penetration Testing with Kali Linux 35 | * http://www.amazon.com/Web-Application-Security-Beginners-Guide/dp/0071776168/ Web Application Security, A Beginner's Guide 36 | * https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/ Hacking: The Art of Exploitation 37 | * https://www.crypto101.io/ - Crypto 101 is an introductory course on cryptography 38 | * http://www.offensive-security.com/metasploit-unleashed/ - Metasploit Unleashed 39 | * http://www.cl.cam.ac.uk/~rja14/book.html - Security Engineering 40 | * https://www.feistyduck.com/library/openssl-cookbook/ - OpenSSL Cookbook 41 | * https://www.manning.com/books/real-world-cryptography - Learn and apply cryptographic techniques. 42 | * https://www.manning.com/books/making-sense-of-cyber-security - A guide to the key concepts, terminology, and technologies of cybersecurity perfect for anyone planning or implementing a security strategy. 43 | * https://www.manning.com/books/cyber-security-career-guide - Kickstart a career in cyber security by learning how to adapt your existing technical and non-technical skills. 44 | * https://www.manning.com/books/secret-key-cryptography - A book about cryptographic techniques and Secret Key methods. 45 | * https://www.manning.com/books/application-security-program-handbook - This practical book is a one-stop guide to implementing a robust application security program. 46 | * https://www.manning.com/books/cyber-threat-hunting - Practical guide to cyber threat hunting. 47 | * https://nostarch.com/bug-bounty-bootcamp - Bug Bounty Bootcamp 48 | * https://nostarch.com/hacking-apis - Hacking APIs 49 | * https://www.manning.com/books/grokking-web-application-security - A book about building web apps that are ready for and resilient to any attack. 50 | 51 | 52 | ## Documentation 53 | 54 | * https://www.owasp.org/ - Open Web Application Security Project 55 | * http://www.pentest-standard.org/ - Penetration Testing Execution Standard 56 | * http://www.binary-auditing.com/ - Dr. Thorsten Schneider’s Binary Auditing 57 | * https://appsecwiki.com/ - Application Security Wiki is an initiative to provide all Application security related resources to Security Researchers and developers at one place. 58 | 59 | ## Tools 60 | 61 | * https://www.deepinfo.com/ - Deepinfo Attack Surface Platform discovers all your digital assets, monitors them 24/7, detects any issues, and notifies you quickly so you can take immediate action. 62 | * https://spyse.com/ - OSINT search engine that provides fresh data about the entire web, storing all data in its own DB, interconnect finding data and has some cool features. 63 | * http://www.metasploit.com/ - World's most used penetration testing software 64 | * https://findsubdomains.com - Online subdomains scanner service with lots of additional data. works using OSINT. 65 | * https://github.com/bjeborn/basic-auth-pot HTTP Basic Authentication honeyPot. 66 | * http://www.arachni-scanner.com/ - Web Application Security Scanner Framework 67 | * https://github.com/sullo/nikto - Nikto web server scanner 68 | * http://www.tenable.com/products/nessus-vulnerability-scanner - Nessus Vulnerability Scanner 69 | * http://www.portswigger.net/burp/intruder.html - Burp Intruder is a tool for automating customized attacks against web apps. 70 | * http://www.openvas.org/ - The world's most advanced Open Source vulnerability scanner and manager. 71 | * https://github.com/iSECPartners/Scout2 - Security auditing tool for AWS environments 72 | * https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project - Is a multi threaded java application designed to brute force directories and files names on web/application servers. 73 | * https://www.owasp.org/index.php/ZAP - The Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. 74 | * https://github.com/tecknicaltom/dsniff - dsniff is a collection of tools for network auditing and penetration testing. 75 | * https://github.com/WangYihang/Webshell-Sniper - Manage your webshell via terminal. 76 | * https://github.com/DanMcInerney/dnsspoof - DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response 77 | * https://github.com/trustedsec/social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec 78 | * https://github.com/sqlmapproject/sqlmap - Automatic SQL injection and database takeover tool 79 | * https://github.com/beefproject/beef - The Browser Exploitation Framework Project 80 | * http://w3af.org/ - w3af is a Web Application Attack and Audit Framework 81 | * https://github.com/espreto/wpsploit - WPSploit, Exploiting Wordpress With Metasploit 82 | * https://vulert.com/ - Vulert secures software by detecting vulnerabilities in open-source dependencies—without accessing your code. It supports Js, PHP, Java, Python, and more. 83 | * https://github.com/WangYihang/Reverse-Shell-Manager - Reverse shell manager via terminal. 84 | * https://github.com/RUB-NDS/WS-Attacker - WS-Attacker is a modular framework for web services penetration testing 85 | * https://github.com/wpscanteam/wpscan - WPScan is a black box WordPress vulnerability scanner 86 | * http://sourceforge.net/projects/paros/ Paros proxy 87 | * https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project Web Scarab proxy 88 | * https://code.google.com/p/skipfish/ Skipfish, an active web application security reconnaissance tool 89 | * http://www.acunetix.com/vulnerability-scanner/ Acunetix Web Vulnerability Scanner 90 | * https://cystack.net/ CyStack Web Security Platform 91 | * http://www-03.ibm.com/software/products/en/appscan IBM Security AppScan 92 | * https://www.netsparker.com/web-vulnerability-scanner/ Netsparker web vulnerability scanner 93 | * http://www8.hp.com/us/en/software-solutions/webinspect-dynamic-analysis-dast/index.html HP Web Inspect 94 | * https://github.com/sensepost/wikto Wikto - Nikto for Windows with some extra features 95 | * http://samurai.inguardians.com Samurai Web Testing Framework 96 | * https://code.google.com/p/ratproxy/ Ratproxy 97 | * http://www.websecurify.com Websecurify 98 | * http://sourceforge.net/projects/grendel/ Grendel-scan 99 | * https://tools.kali.org/web-applications/gobuster Directory/file and DNS busting tool written in Go 100 | * http://www.edge-security.com/wfuzz.php Wfuzz 101 | * http://wapiti.sourceforge.net wapiti 102 | * https://github.com/neuroo/grabber Grabber 103 | * https://subgraph.com/vega/ Vega 104 | * http://websecuritytool.codeplex.com Watcher passive web scanner 105 | * http://xss.codeplex.com x5s XSS and Unicode transformations security testing assistant 106 | * http://www.beyondsecurity.com/avds AVDS Vulnerability Assessment and Management 107 | * http://www.golismero.com Golismero 108 | * http://www.ikare-monitoring.com IKare 109 | * http://www.nstalker.com N-Stalker X 110 | * https://www.rapid7.com/products/nexpose/index.jsp Nexpose 111 | * http://www.rapid7.com/products/appspider/ App Spider 112 | * http://www.milescan.com ParosPro 113 | * https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ Qualys Web Application Scanning 114 | * http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ Retina 115 | * https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework 116 | * https://github.com/future-architect/vuls Vulnerability scanner for Linux, agentless, written in golang. 117 | * https://github.com/rastating/wordpress-exploit-framework A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems. 118 | * http://www.xss-payloads.com/ XSS Payloads to leverage XSS vulnerabilities, build custom payloads, practice penetration testing skills. 119 | * https://github.com/joaomatosf/jexboss JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool 120 | * https://github.com/commixproject/commix Automated All-in-One OS command injection and exploitation tool 121 | * https://github.com/pathetiq/BurpSmartBuster A Burp Suite content discovery plugin that add the smart into the Buster! 122 | * https://github.com/GoSecure/csp-auditor Burp and ZAP plugin to analyze CSP headers 123 | * https://github.com/ffleming/timing_attack Perform timing attacks against web applications 124 | * https://github.com/lalithr95/fuzzapi Fuzzapi is a tool used for REST API pentesting 125 | * https://github.com/owtf/owtf Offensive Web Testing Framework (OWTF) 126 | * https://github.com/nccgroup/wssip Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa. 127 | * https://github.com/PalindromeLabs/STEWS Tool suite for WebSocket discovery, fingerprinting, and vulnerability detection 128 | * https://github.com/tijme/angularjs-csti-scanner Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS). 129 | * https://reshift.softwaresecured.com A source code analysis tool for detecting and managing Java security vulnerabilities. 130 | * https://encoding.tools Web app for transforming binary data and strings, including hashes and various encodings. GPLv3 offline version available. 131 | * https://gchq.github.io/CyberChef/ A "Cyber Swiss Army Knife" for carrying out various encodings and transformations of binary data and strings. 132 | * https://github.com/urbanadventurer/WhatWeb WhatWeb - Next generation web scanner 133 | * https://www.shodan.io/ Shodan - The search engine for find vulnerable servers 134 | * https://github.com/WangYihang/Webshell-Sniper A webshell manager via terminal 135 | * https://github.com/nil0x42/phpsploit PhpSploit - Full-featured C2 framework which silently persists on webserver via evil PHP oneliner 136 | * https://webhint.io/ - webhint - webhint is a customizable linting tool that helps you improve your site's accessibility, speed, cross-browser compatibility, and more by checking your code for best practices and common errors. 137 | * https://gtfobins.github.io/ - gtfobins - GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems. 138 | * https://github.com/HightechSec/git-scanner git-scanner - A tool for bug hunting or pentesting for targeting websites that have open `.git` repositories available in public 139 | * [Web Application Exploitation @ Rawsec Inventory](https://inventory.raw.pm/tools.html#title-tools-web-application-exploitation) - Complete list of Web pentesting tools 140 | * [Cyclops is a novel browser that can detect vulnerability automatically](https://github.com/v8blink/Chromium-based-XSS-Taint-Tracking/) - Cyclops is a web browser with XSS detection feature 141 | * https://caido.io/ - Web proxy 142 | * https://github.com/assetnote/kiterunner - API discovery 143 | * https://github.com/owasp-amass/amass - domain recon 144 | * [https://columbus.elmasy.com/](https://columbus.elmasy.com/) - Columbus Project is an advanced subdomain discovery service with fast, powerful and easy to use API. 145 | * [BadUSB Script To Exfiltrate Passwords](https://github.com/MarkCyber/BadUSB/blob/main/HackStuff/CredentialHarvester.txt) - Extracts all saved passwords from Chrome, Firefox, and Edge to be saved onto secondary USB for further analysis. 146 | * https://github.com/flibustier/jwt-online-cracker - Brute-force HS256, HS384 or HS512 JWT Token from your browser (fully client-side). 147 | 148 | ## Cheat Sheets 149 | 150 | * http://n0p.net/penguicon/php_app_sec/mirror/xss.html - XSS cheatsheet 151 | * https://highon.coffee/blog/lfi-cheat-sheet/ - LFI Cheat Sheet 152 | * https://highon.coffee/blog/reverse-shell-cheat-sheet/ - Reverse Shell Cheat Sheet 153 | * https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ - SQL Injection Cheat Sheet 154 | * https://www.gracefulsecurity.com/path-traversal-cheat-sheet-windows/ - Path Traversal Cheat Sheet: Windows 155 | 156 | ## Docker images for Penetration Testing 157 | 158 | * `docker pull kalilinux/kali-linux-docker` [official Kali Linux](https://hub.docker.com/r/kalilinux/kali-linux-docker/) 159 | * `docker pull blackarchlinux/blackarch` [official BlackArch Linux](https://hub.docker.com/r/blackarchlinux/blackarch) 160 | * `docker pull owasp/zap2docker-stable` - [official OWASP ZAP](https://github.com/zaproxy/zaproxy) 161 | * `docker pull wpscanteam/wpscan` - [official WPScan](https://hub.docker.com/r/wpscanteam/wpscan/) 162 | * `docker pull metasploitframework/metasploit-framework` - [docker-metasploit](https://hub.docker.com/r/metasploitframework/metasploit-framework/) 163 | * `docker pull citizenstig/dvwa` - [Damn Vulnerable Web Application (DVWA)](https://hub.docker.com/r/citizenstig/dvwa/) 164 | * `docker pull bkimminich/juice-shop` [OWASP Juice Shop](https://hub.docker.com/r/bkimminich/juice-shop) 165 | * `docker pull wpscanteam/vulnerablewordpress` - [Vulnerable WordPress Installation](https://hub.docker.com/r/wpscanteam/vulnerablewordpress/) 166 | * `docker pull hmlio/vaas-cve-2014-6271` - [Vulnerability as a service: Shellshock](https://hub.docker.com/r/hmlio/vaas-cve-2014-6271/) 167 | * `docker pull hmlio/vaas-cve-2014-0160` - [Vulnerability as a service: Heartbleed](https://hub.docker.com/r/hmlio/vaas-cve-2014-0160/) 168 | * `docker pull opendns/security-ninjas` - [Security Ninjas](https://hub.docker.com/r/opendns/security-ninjas/) 169 | * `docker pull noncetonic/archlinux-pentest-lxde:1.0` - [Arch Linux Penetration Tester](https://hub.docker.com/r/noncetonic/archlinux-pentest-lxde/) 170 | * `docker pull diogomonica/docker-bench-security` - [Docker Bench for Security](https://hub.docker.com/r/diogomonica/docker-bench-security/) 171 | * `docker pull ismisepaul/securityshepherd` - [OWASP Security Shepherd](https://hub.docker.com/r/ismisepaul/securityshepherd/) 172 | * `docker pull danmx/docker-owasp-webgoat` - [OWASP WebGoat Project docker image](https://hub.docker.com/r/webgoat/goatandwolf) 173 | * `docker pull docker pull jeroenwillemsen/wrongsecrets` - [OWASP WrongSecrets Project docker image](https://hub.docker.com/r/jeroenwillemsen/wrongsecrets) 174 | * `docker pull citizenstig/nowasp` - [OWASP Mutillidae II Web Pen-Test Practice Application](https://hub.docker.com/r/citizenstig/nowasp/) 175 | * `docker pull aaaguirre/pentest` - [Docker for pentest](https://github.com/aaaguirrep/pentest) 176 | * `docker pull rustscan/rustscan:2.0.0` - [The Modern Port Scanner](https://github.com/RustScan/RustScan) 177 | 178 | ## Vulnerabilities 179 | 180 | * http://cve.mitre.org/ - Common Vulnerabilities and Exposures. The Standard for Information Security Vulnerability Names 181 | * https://www.exploit-db.com/ - The Exploit Database – ultimate archive of Exploits, Shellcode, and Security Papers. 182 | * http://0day.today/ - Inj3ct0r is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals. 183 | * http://www.securityfocus.com/ - Since its inception in 1999, SecurityFocus has been a mainstay in the security community. 184 | * http://packetstormsecurity.com/ - Global Security Resource 185 | * https://wpvulndb.com/ - WPScan Vulnerability Database 186 | * https://snyk.io/vuln/ - Vulnerability DB, Detailed information and remediation guidance for known vulnerabilities. 187 | * https://stellastra.com/cipher-suite - Database of hundreds of TLS cipher suites and their security status. 188 | * https://vulert.com/vuln-db - Vulert helps developers secure their software by monitoring and alerting them to vulnerabilities in open-source dependencies—without requiring access to their code. It supports dependencies from Js, PHP, Java, Python, and many more. 189 | * https://vulncheck.com/xdb/ - An index of exploit proof-of-concept code in Git repositories. 190 | 191 | ## Courses 192 | 193 | * https://pwn.guide/ - Cybersecurity learning platform, with about 100 tutorials, approximately 25 of them are about web hacking & defending websites. 194 | * https://www.offensive-security.com/information-security-training/advanced-web-attack-and-exploitation/ Offensive Security Advanced Web Attacks and Exploitation (live) 195 | * https://www.sans.org/course/web-app-penetration-testing-ethical-hacking Sans SEC542: Web App Penetration Testing and Ethical Hacking 196 | * https://www.sans.org/course/advanced-web-app-penetration-testing-ethical-hacking Sans SEC642: Advanced Web App Penetration Testing and Ethical Hacking 197 | * http://opensecuritytraining.info/ - Open Security Training 198 | * http://securitytrainings.net/security-trainings/ - Security Exploded Training 199 | * http://www.securitytube.net/ - World’s largest Infosec and Hacking Portal. 200 | * https://www.hacker101.com/ - Free class for web security by [Hackerone](https://www.hackerone.com) 201 | * https://www.darkrelay.com/courses/professional-penetration-tester - Zero-Hero style Pentesting course by [DarkRelay Security Labs](https://www.darkrelay.com) 202 | 203 | ## Online Hacking Demonstration Sites 204 | 205 | * http://testasp.vulnweb.com/ - Acunetix ASP test and demonstration site 206 | * http://testaspnet.vulnweb.com/ - Acunetix ASP.Net test and demonstration site 207 | * http://testphp.vulnweb.com/ - Acunetix PHP test and demonstration site 208 | * http://crackme.cenzic.com/kelev/view/home.php - Crack Me Bank 209 | * http://zero.webappsecurity.com/ - Zero Bank 210 | * http://demo.testfire.net/ - Altoro Mutual 211 | * https://public-firing-range.appspot.com/ - Firing Range is a test bed for automated web application security scanners. 212 | * https://xss-game.appspot.com/ - XSS challenge 213 | * https://google-gruyere.appspot.com/ Google Gruyere, web application exploits and defenses 214 | * https://ginandjuice.shop/catalog 215 | * https://pentest-ground.com/ Pentest-Ground is a free playground with deliberately vulnerable web applications and network services. 216 | * [HackSimulator](https://chatgpt.com/g/g-jnT7HlNeK-hacksimulator) is a GPT created by [MarkCyber](https://github.com/MarkCyber) in which chatGPT 4 acts as a hacking CTF. This GPT will ask for your experience level and what you would like to improve on, before simulating a machine/application for you to hack into, using the chatbox as the place to input terminal commands. Since this is through AI, it changes and adjust based on your experience level and you can ask for help if you are stuck. 217 | 218 | ## Labs 219 | * https://portswigger.net/web-security - Web Security Academy: Free Online Training from PortSwigger 220 | * http://www.cis.syr.edu/~wedu/seed/all_labs.html - Developing Instructional Laboratories for Computer SEcurity EDucation 221 | * https://www.vulnhub.com/ - Virtual Machines for Localhost Penetration Testing. 222 | * https://pentesterlab.com/ - PentesterLab is an easy and great way to learn penetration testing. 223 | * https://github.com/jerryhoff/WebGoat.NET - This web application is a learning platform about common web security flaws. 224 | * http://www.dvwa.co.uk/ - Damn Vulnerable Web Application (DVWA) 225 | * http://sourceforge.net/projects/lampsecurity/ - LAMPSecurity Training 226 | * https://github.com/Audi-1/sqli-labs - SQLI labs to test error based, Blind boolean based, Time based. 227 | * https://github.com/paralax/lfi-labs - small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns 228 | * https://hack.me/ - Build, host and share vulnerable web apps in a sandboxed environment for free 229 | * http://azcwr.org/az-cyber-warfare-ranges - Free live fire Capture the Flag, blue team, red team Cyber Warfare Range for beginners through advanced users. Must use a cell phone to send a text message requesting access to the range. 230 | * https://github.com/adamdoupe/WackoPicko - WackoPicko is a vulnerable web application used to test web application vulnerability scanners. 231 | * https://github.com/rapid7/hackazon - Hackazon is a free, vulnerable test site that is an online storefront built with the same technologies used in today’s rich client and mobile applications. 232 | * https://github.com/RhinoSecurityLabs/cloudgoat - Rhino Security Labs' "Vulnerable by Design" AWS infrastructure setup tool 233 | * https://www.hackthebox.eu/ - Hack The Box is an online platform allowing you to test and advance your skills in cyber security. 234 | * https://github.com/tegal1337/0l4bs - 0l4bs is a Cross-site scripting labs for web application security enthusiasts. 235 | * https://github.com/oliverwiegers/pentest_lab - Local pentest lab leveraging docker compose. 236 | * https://ginandjuice.shop/catalog 237 | * https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application 238 | * https://labex.io/skilltrees/cybersecurity - LabEx is an online platform for enhancing your cyber security skills through hands-on labs. 239 | * https://pythoncyber.go.ro - CyberPython helps you to make your own research in order to solve challenges, exploit CVEs and make good scripts. 240 | 241 | ## SSL 242 | 243 | * https://www.ssllabs.com/ssltest/index.html - This service performs a deep analysis of the configuration of any SSL web server on the public Internet. 244 | * http://certdb.com/ - SSL/TLS data provider service. Collect the data about digital certificates - issuers, organisation, whois, expiration dates, etc... Plus, has handy filters for convenience. 245 | * https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html - Strong SSL Security on nginx 246 | * https://weakdh.org/ - Weak Diffie-Hellman and the Logjam Attack 247 | * https://letsencrypt.org/ - Let’s Encrypt is a new Certificate Authority: It’s free, automated, and open. 248 | * https://filippo.io/Heartbleed/ - A checker (site and tool) for CVE-2014-0160 (Heartbleed). 249 | * https://testssl.sh/ - A command line tool which checks a website's TLS/SSL ciphers, protocols and cryptographic flaws. 250 | 251 | ## Security Ruby on Rails 252 | 253 | * http://brakemanscanner.org/ - A static analysis security vulnerability scanner for Ruby on Rails applications. 254 | * https://github.com/rubysec/ruby-advisory-db - A database of vulnerable Ruby Gems 255 | * https://github.com/rubysec/bundler-audit - Patch-level verification for Bundler 256 | * https://github.com/hakirisec/hakiri_toolbelt - Hakiri Toolbelt is a command line interface for the Hakiri platform. 257 | * https://hakiri.io/facets - Scan Gemfile.lock for vulnerabilities. 258 | * http://rails-sqli.org/ - This page lists many query methods and options in ActiveRecord which do not sanitize raw SQL arguments and are not intended to be called with unsafe user input. 259 | * https://github.com/0xsauby/yasuo - A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network 260 | --------------------------------------------------------------------------------