Toolset for detecting reflected xss in websites
☆116Oct 7, 2018Updated 7 years ago
Alternatives and similar repositories for xssfinder
Users that are interested in xssfinder are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆250Jun 6, 2018Updated 7 years ago
- Simple multi threaded tool to extract domain related data from commoncrawl.org☆31Jul 17, 2018Updated 7 years ago
- A better version of my xssfinder tool - scans for different types of xss on a list of urls.☆187Aug 3, 2019Updated 6 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- ☆32Apr 6, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- bountytpl – template generator cli. By using a template similar to the ones for Template Generator (https://github.com/fransr/template-ge…☆47Aug 5, 2019Updated 6 years ago
- Extract subdomains from SSL certificates in HTTPS sites.☆390Mar 3, 2025Updated last year
- A really simple utility to concate wordlists to a domain name - to pipe into your favourite resolver!☆86Apr 3, 2020Updated 5 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- a .js scanner, built in php. designed to scrape urls and other info☆228Aug 22, 2017Updated 8 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Jul 19, 2018Updated 7 years ago
- Generates permutations, alterations and mutations of subdomains. Auto Resolve what we find.☆11Dec 8, 2020Updated 5 years ago
- WebBorer is a directory-enumeration tool written in Go.☆44Mar 7, 2023Updated 3 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- A mini webserver with FTP support for XXE payloads☆341Jan 3, 2024Updated 2 years ago
- The Serverless Blind XSS App☆338Feb 21, 2026Updated last month
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆227Mar 29, 2022Updated 4 years ago
- Burp plugin able to find reflected XSS on page in real-time while browsing on site☆1,204Feb 2, 2021Updated 5 years ago
- Retrieve the complete build history for every job ever created and executed on a given Jenkins instance.☆67Apr 25, 2025Updated 11 months ago
- Burp Suite Extension to monitor new scope☆200Mar 31, 2021Updated 4 years ago
- A permutation generation tool written in golang☆210Jul 15, 2019Updated 6 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆318May 22, 2023Updated 2 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms ti…☆96Jun 5, 2021Updated 4 years ago
- secretz, minimizing the large attack surface of Travis CI☆324May 30, 2022Updated 3 years ago
- Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.☆629Mar 18, 2022Updated 4 years ago
- WebDigger is a python based tool, specially created to get a company's unknown domain for pentestor.☆17Aug 6, 2016Updated 9 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆116Mar 29, 2019Updated 7 years ago
- Fetch many paths for many hosts - without killing the hosts☆1,711Feb 3, 2024Updated 2 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆680Jan 28, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.☆80Jun 1, 2019Updated 6 years ago
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆217Oct 12, 2024Updated last year
- Print out URL schemas from an Android app☆128Feb 9, 2025Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,396Aug 24, 2019Updated 6 years ago
- DOM XSS scanner for Single Page Applications☆414Nov 15, 2025Updated 4 months ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- Get tweets and save file in JSON format without Twitter API☆11Jan 1, 2019Updated 7 years ago