HackCommander / PHP-info-cookie-stealer
Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation.
☆18Updated 8 months ago
Related projects: ⓘ
- This tool allows you to find ssti vulnerability with ease!☆17Updated 2 years ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, …☆31Updated 9 months ago
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bounty☆33Updated 2 weeks ago
- "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results sto…☆22Updated 7 months ago
- Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI☆27Updated 3 years ago
- ☆16Updated last year
- ☆21Updated 2 years ago
- XSS PoCs to elevate your alert()☆13Updated last year
- xsschecker tool checking reflected endpoints finding possible xss vulnerable endpoints.☆19Updated last month
- Host Header Vulnerability Scanner Automated Tool☆24Updated last year
- Check if domain has bug bounty program or not☆28Updated last year
- ☆14Updated 5 months ago
- ☆44Updated last year
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆36Updated last year
- Alternative to XSS Hunter for blind XSS.☆48Updated last year
- ☆15Updated this week
- Sub-Domain TakeOver Vulnerability Scanner (edoardottt fork)☆31Updated 2 years ago
- convert case style of words☆21Updated 8 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 2 years ago
- This tool is a simple LFI, RFI, RCE, and Joomla Components vulnerability scanner, created by JayCyberSecurity☆21Updated 2 years ago
- Run ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.☆24Updated last year
- Resolvers updated daily for reconftw☆46Updated last year
- A solid recon tool I use personally.☆31Updated last year
- Find CVEs that don't have a Detectify modules.☆21Updated last year
- ☆41Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- All in one subdomain Enumeration tool☆22Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆16Updated 3 years ago
- XSS Finder Via SSTI☆54Updated last year
- Bug Bounty Recon Automation Script -- Scan AWS IP Range Certs for Matching FQDN☆24Updated 3 years ago