Browse & filter

MIT-licensed web-technology editor focused on HTML/CSS/JS with live preview roots.

HTTP server with automatic HTTPS, config ergonomics, and extensible plugins.

OWASP flagship web app scanner and proxy: automated checks, manual request tampering, scripting, and CI integrations.

Automatic SQL injection and database takeover helper with fingerprinting, data exfiltration, and OS-shell paths.

Web server scanner that probes for dangerous files, outdated software, and misconfigurations via many checks.

Fast web fuzzer for directories, virtual hosts, parameters, and raw HTTP—common in bug bounty playbooks.

Go-based directory/DNS/vhost brute-forcer with threading tuned for pentest wordlists.

Recursive content discovery written in Rust with intelligent filtering and replay-friendly output.

WordPress security scanner: version fingerprinting, plugin/theme vuln DB, weak creds, and user enumeration.

XSS parameter analyzer and reflected/stored/DOM-focused fuzzer with mining and pipeline modes.

Web application firewall engine for Apache, nginx, and IIS with OWASP CRS rule sets and audit logging.

Web-based SVG editor for quick vector tweaks, diagram polish, and embedding in self-hosted pages.

Community awareness document for critical web application risks.

Deep dive explaining the browser and network stack when you type a URL.