A better version of my xssfinder tool - scans for different types of xss on a list of urls.
☆187Aug 3, 2019Updated 6 years ago
Alternatives and similar repositories for extended-xss-search
Users that are interested in extended-xss-search are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆279Feb 11, 2021Updated 5 years ago
- A simple SSRF-testing sheriff written in Go☆336Oct 31, 2024Updated last year
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 6 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- Finds Directory Listings or open S3 buckets from a list of URLs☆52Dec 1, 2021Updated 4 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Extract (links/possible endpoints) from responses & filter them via decoding/sorting☆93Aug 27, 2019Updated 6 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated 3 months ago
- ☆32Apr 6, 2021Updated 4 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts☆63Jul 22, 2019Updated 6 years ago
- Scan secrets from Continuous Integration Build Logs☆53Oct 14, 2019Updated 6 years ago
- qsfuzz (Query String Fuzz) allows you to build your own rules to fuzz query strings and easily identify vulnerabilities.☆303Feb 12, 2023Updated 3 years ago
- ☆200Jun 6, 2019Updated 6 years ago
- SSRF testing tool☆246Dec 8, 2022Updated 3 years ago
- HTTP parameter discovery suite.☆93Apr 16, 2020Updated 5 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Sep 19, 2019Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Jan 4, 2021Updated 5 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Sep 2, 2019Updated 6 years ago
- DOM XSS scanner for Single Page Applications☆414Nov 15, 2025Updated 4 months ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆367Jul 23, 2022Updated 3 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- Broken Link Hijacking Burp Extension☆57Sep 13, 2019Updated 6 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆36Dec 22, 2021Updated 4 years ago
- CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.☆136Sep 25, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆293Aug 23, 2019Updated 6 years ago
- Trying to make automated recon for bug bounties☆255May 3, 2021Updated 4 years ago
- Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will m…☆99Dec 30, 2019Updated 6 years ago
- Burp Suite extension to easily export sub domains☆44Nov 29, 2019Updated 6 years ago
- The format of various s3 buckets is convert in one format. for bugbounty and security testing.☆87May 6, 2023Updated 2 years ago
- Toolset for detecting reflected xss in websites☆116Oct 7, 2018Updated 7 years ago
- List of special metadata IPs used in cloud services☆11Aug 9, 2019Updated 6 years ago
- Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations☆58Jul 26, 2020Updated 5 years ago
- ☆57Sep 2, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A collection of scripts to extend Burp Suite☆142Apr 8, 2019Updated 6 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆92Dec 7, 2025Updated 3 months ago
- Horizontal Domain Discovery☆76May 22, 2023Updated 2 years ago
- XSSCon: Simple XSS Scanner tool☆245Sep 1, 2019Updated 6 years ago
- -☆11Nov 21, 2020Updated 5 years ago
- FockCache - Minimalized Test Cache Poisoning☆111Feb 3, 2020Updated 6 years ago
- Pentest/BugBounty progress control with scanning modules☆281Jul 16, 2020Updated 5 years ago