Toolset for detecting reflected xss in websites
☆116Oct 7, 2018Updated 7 years ago
Alternatives and similar repositories for xssfinder
Users that are interested in xssfinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆250Jun 6, 2018Updated 7 years ago
- Simple multi threaded tool to extract domain related data from commoncrawl.org☆31Jul 17, 2018Updated 7 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- ☆32Apr 6, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Extract subdomains from SSL certificates in HTTPS sites.☆390Mar 3, 2025Updated last year
- bountytpl – template generator cli. By using a template similar to the ones for Template Generator (https://github.com/fransr/template-ge…☆47Aug 5, 2019Updated 6 years ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆86Apr 3, 2020Updated 6 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆228Aug 22, 2017Updated 8 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Jul 19, 2018Updated 7 years ago
- Generates permutations, alterations and mutations of subdomains. Auto Resolve what we find.☆11Dec 8, 2020Updated 5 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Mar 7, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆343Jan 3, 2024Updated 2 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆227Mar 29, 2022Updated 4 years ago
- The Serverless Blind XSS App☆340Mar 28, 2026Updated 2 months ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,211Feb 2, 2021Updated 5 years ago
- Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.☆67Apr 25, 2025Updated last year
- A permutation generation tool written in golang☆214Jul 15, 2019Updated 6 years ago
- Burp Suite Extension to monitor new scope☆201Mar 31, 2021Updated 5 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆319May 22, 2023Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms ti…☆98Jun 5, 2021Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆326May 30, 2022Updated 4 years ago
- Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.☆632Mar 18, 2022Updated 4 years ago
- WebDigger is a python based tool, specially created to get a company's unknown domain for pentestor.☆17Aug 6, 2016Updated 9 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆115Mar 29, 2019Updated 7 years ago
- Fetch many paths for many hosts - without killing the hosts☆1,714Feb 3, 2024Updated 2 years ago
- ☆334Jan 8, 2018Updated 8 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆684Jan 28, 2024Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆217Oct 12, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,395Aug 24, 2019Updated 6 years ago
- Print out URL schemas from an Android app☆131Feb 9, 2025Updated last year
- DOM XSS scanner for Single Page Applications☆415Nov 15, 2025Updated 6 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆266Nov 18, 2021Updated 4 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆64Apr 17, 2020Updated 6 years ago
- Get tweets and save file in JSON format without Twitter API☆11Jan 1, 2019Updated 7 years ago