Toolset for detecting reflected xss in websites
☆116Oct 7, 2018Updated 7 years ago
Alternatives and similar repositories for xssfinder
Users that are interested in xssfinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆250Jun 6, 2018Updated 7 years ago
- Simple multi threaded tool to extract domain related data from commoncrawl.org☆31Jul 17, 2018Updated 7 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- ☆31Apr 6, 2021Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Extract subdomains from SSL certificates in HTTPS sites.☆389Mar 3, 2025Updated last year
- bountytpl – template generator cli. By using a template similar to the ones for Template Generator (https://github.com/fransr/template-ge…☆47Aug 5, 2019Updated 6 years ago
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆86Apr 3, 2020Updated 6 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆228Aug 22, 2017Updated 8 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆40Jul 19, 2018Updated 7 years ago
- Generates permutations, alterations and mutations of subdomains. Auto Resolve what we find.☆11Dec 8, 2020Updated 5 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Mar 7, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆341Jan 3, 2024Updated 2 years ago
- The Serverless Blind XSS App☆339Mar 28, 2026Updated 3 weeks ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆227Mar 29, 2022Updated 4 years ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,205Feb 2, 2021Updated 5 years ago
- Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.☆66Apr 25, 2025Updated 11 months ago
- A permutation generation tool written in golang☆211Jul 15, 2019Updated 6 years ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 5 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆319May 22, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms ti…☆95Jun 5, 2021Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.☆630Mar 18, 2022Updated 4 years ago
- WebDigger is a python based tool, specially created to get a company's unknown domain for pentestor.☆17Aug 6, 2016Updated 9 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆116Mar 29, 2019Updated 7 years ago
- Fetch many paths for many hosts - without killing the hosts☆1,714Feb 3, 2024Updated 2 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆683Jan 28, 2024Updated 2 years ago
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆216Oct 12, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- DOM XSS scanner for Single Page Applications☆414Nov 15, 2025Updated 5 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆64Apr 17, 2020Updated 6 years ago
- Get tweets and save file in JSON format without Twitter API☆11Jan 1, 2019Updated 7 years ago