domsnitch : A passive reconnaissance tool inside the DOM (experimental)
DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...
WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
Bandit : Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs approp...
XSS game : Warning: You are entering the XSS game area.