XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for automating XSS attacks and validating XSS endpoint
☆59Feb 4, 2022Updated 4 years ago
Alternatives and similar repositories for XSSearch
Users that are interested in XSSearch are comparing it to the libraries listed below
Sorting:
- ☆12Jun 15, 2022Updated 3 years ago
- Passively check for XSS character encodings☆18Feb 7, 2026Updated 2 weeks ago
- Automation: Bash script wrapper to find and verify time base sql injection☆10Aug 25, 2022Updated 3 years ago
- All in one subdomain Enumeration tool☆21Jan 1, 2023Updated 3 years ago
- Some of the gf patterns which i use☆44Jan 19, 2022Updated 4 years ago
- All-in-One WP Migration-Backup-Finder☆15Nov 5, 2025Updated 3 months ago
- ☆27Jul 30, 2021Updated 4 years ago
- Magic Header Blind Xss tool (deliver blind xss payloads in request headers).☆25May 30, 2021Updated 4 years ago
- Automated Recon Tool Installer☆15Jun 29, 2022Updated 3 years ago
- A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.☆109Mar 1, 2022Updated 3 years ago
- Automated Web Recon Shell Scripts☆53Dec 6, 2021Updated 4 years ago
- S3 Recon tips and tricks collected from different resources,Sorry if i missed to mention all resources owners☆27Nov 13, 2021Updated 4 years ago
- Reflected Cross-Site Scripting (XSS) vulnerability in 'index.php' login-portal webpage of SourceCodesters Tailor Management System v1.0 a…☆25Sep 2, 2020Updated 5 years ago
- OpenBugBounty - https://www.openbugbounty.org/ programs list☆23Mar 15, 2021Updated 4 years ago
- ☆11Oct 7, 2022Updated 3 years ago
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 2 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆61Jul 26, 2021Updated 4 years ago
- Advanced external automation on bug bounty programs by running the best set of tools to perform scanning and finding out vulnerabilities.☆105Jun 28, 2022Updated 3 years ago
- ☆16Oct 30, 2022Updated 3 years ago
- A training course on Web Security, Exploit Development and Source Code Auditing from 2009.☆12Feb 15, 2022Updated 4 years ago
- WordPress Plugin Update Confusion☆67Dec 7, 2021Updated 4 years ago
- Check AWS S3 instances for read/write/delete access☆121Feb 8, 2022Updated 4 years ago
- ☆12Jan 4, 2022Updated 4 years ago
- Bash script to extract data from the Waybackmachine☆11Mar 15, 2021Updated 4 years ago
- GG Dorking is a tool to generate GitHub and Google dorking for pentesters and bug bounty hunters.☆101Jul 12, 2025Updated 7 months ago
- ☆38Dec 10, 2023Updated 2 years ago
- Subdomain Takeover tool with web UI☆57Feb 24, 2023Updated 3 years ago
- tools to find xss in a website☆62Apr 27, 2022Updated 3 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆64Sep 3, 2022Updated 3 years ago
- Reconflow is all in one tool for gathering reconnaissance information about a target in a penetration test☆14Jul 18, 2021Updated 4 years ago
- ☆40Jul 24, 2022Updated 3 years ago
- ☆46Nov 5, 2025Updated 3 months ago
- all manner of wordlists☆24Jan 19, 2022Updated 4 years ago
- Finding XSS during recon☆273Sep 13, 2022Updated 3 years ago
- Learn 101 is a challenge to keep the learning spirit going on and challenge myself to learn something daily for 101 days.☆30Jun 7, 2022Updated 3 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆36Dec 13, 2025Updated 2 months ago
- sub domain wild card filtering tool☆40Apr 18, 2020Updated 5 years ago
- A python script to bypass 403-forbidden.☆13Aug 2, 2021Updated 4 years ago
- Following OWASP TOP 10 (the top ten most critical web application security risk) I decided to build an XSS Scanner.☆12Dec 12, 2022Updated 3 years ago