vicnum : A flexible web app showing vulnerabilities such as cross-site scripting, SQL injections, and session management issues. Helpful to IT auditors honing ...
domsnitch : A passive reconnaissance tool inside the DOM (experimental)
TruffleHog : TruffleHog is an open-source SAST (static application security testing) tool for detecting secrets in various sources. While GitHub and GitLab reposit...
XSS (Cross Site Scripting) Prevention Cheat Sheet : The following rules are intended to prevent all XSS in your application. While these rules do not allow absolute freedom in putting untrusted data int...