Automatic SQL injection and database takeover tool

• UpdatedFeb 17, 2026
• Python

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

• UpdatedNov 5, 2025
• Go

Source code for Hacker101.com - a free online web and mobile security class.

• UpdatedFeb 22, 2025
• SCSS

Damn Vulnerable Web Application (DVWA)

• UpdatedFeb 13, 2026
• PHP

Top disclosed reports from HackerOne

• UpdatedJan 31, 2026
• Python

w3af: web application attack and audit framework, the open source web vulnerability scanner.

• UpdatedFeb 22, 2023
• Python

Web Application Security Scanner Framework

• UpdatedMay 22, 2025
• Ruby

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

• UpdatedSep 27, 2021
• BlitzBasic

Automated NoSQL database enumeration and web application exploitation tool.

• UpdatedFeb 20, 2026
• Python

A cheat sheet that contains advanced queries for SQL Injection of all types.

• UpdatedMay 13, 2023

DDos Ripper a Distributable Denied-of-Service (DDOS) attack server that cuts off targets or surrounding infrastructure in a flood of Internet traffic

• UpdatedJan 17, 2026
• Python

jSQL Injection is a Java application for automatic SQL database injection.

• UpdatedFeb 20, 2026
• Java

GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)

• UpdatedMar 11, 2024
• Python

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

• UpdatedFeb 13, 2026
• Lua

massive SQL injection vulnerability scanner

• UpdatedAug 14, 2018
• Python

JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Second Shield, CC Defense, OAuth2 Authentication, Global Server Load Balance, and Cookie Compliance etc. JANUSEC应用网关，提供安全的接入，包括反向代理、K8S Ingress Controller、自动化ACME证书、WAF、5秒盾、CC防御、OAuth2身份认证、GSLB负载均衡与Cookie合规等。

• UpdatedAug 23, 2025
• Go

wide range mass audit toolkit

• UpdatedOct 3, 2018
• Python

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

• UpdatedJul 23, 2024
• Shell

Advanced reconnaissance utility

• UpdatedNov 20, 2023
• Python

The most comprehensive SQL guide from a real-world expert! Learn everything from basics to advanced queries, optimizations, and real-world SQL

• UpdatedMay 7, 2025
• TSQL