M4cs / traxss

Related projects: ⓘ

• menkrep1337 / XSSCon
  XSSCon: Simple XSS Scanner tool
  ☆209Updated 5 years ago
• JohnTroony / Blisqy
  Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
  ☆354Updated 5 years ago
• chrispetrou / FDsploit
  File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
  ☆263Updated 3 years ago
• In3tinct / See-SURF
  Python based scanner to find potential SSRF parameters
  ☆282Updated 5 months ago
• PR0PH3CY33 / XSS-Freak
  ☆133Updated this week
• VainlyStrain / Vailyn
  A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
  ☆196Updated 2 years ago
• YasserGersy / cazador_unr
  Hacking tools
  ☆139Updated last week
• tijme / angularjs-csti-scanner
  Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
  ☆300Updated 2 years ago
• devploit / XORpass
  Encoder to bypass WAF filters using XOR operations.
  ☆249Updated 2 years ago
• MichaelStott / CRLF-Injection-Scanner
  Command line tool for testing CRLF injection on a list of domains.
  ☆150Updated 5 months ago
• tismayil / ohmybackup
  Scan Victim Backup Directories & Backup Files
  ☆178Updated 11 months ago
• jakejarvis / subtake
  Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
  ☆143Updated 4 years ago
• hash3liZer / Subrake
  🚀 A DNS automated scanner and tool 🖱️ (Zone Transfer, DNS Zone Takeover, Subdomain Takeover).
  ☆288Updated 3 months ago
• D4Vinci / CWFF
  Create your Custom Wordlist For Fuzzing
  ☆186Updated last year
• redhuntlabs / BurpSuite-Asset_Discover
  Burp Suite extension to discover assets from HTTP response.
  ☆217Updated 3 years ago
• LandGrey / abuse-ssl-bypass-waf
  Bypassing WAF by abusing SSL/TLS Ciphers
  ☆302Updated 3 years ago
• SpiderMate / B-XSSRF
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆294Updated 5 years ago
• hackerspider1 / EchoPwn
  Recon Automation for hackers by hackers
  ☆243Updated 4 years ago
• wish-i-was / femida
  Automated blind-xss search for Burp Suite
  ☆276Updated 4 years ago
• m4ll0k / BurpSuite-Secret_Finder
  ☆472Updated this week
• dark-warlord14 / JSScanner
  You can read the writeup on this script here
  ☆266Updated 4 years ago
• ghostlulzhacks / waybackSqliScanner
  ☆184Updated 5 years ago
• vavkamil / xss2png
  PNG IDAT chunks XSS payload generator
  ☆165Updated last year
• Warflop / cloudbunny
  CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search eng…
  ☆354Updated 7 months ago
• 0xspade / Automated-Scanner
  Trying to make automated recon for bug bounties
  ☆249Updated 3 years ago
• Damian89 / extended-xss-search
  A better version of my xssfinder tool - scans for different types of xss on a list of urls.
  ☆182Updated 5 years ago
• TebbaaX / GRecon
  Another version of katana, more automated but less stable. the purpose of this small tool is to run a Google based passive recon against …
  ☆220Updated 3 years ago
• thelinuxchoice / catchyou
  ☆206Updated this week
• s0md3v / JShell
  JShell - Get a JavaScript shell with XSS.
  ☆508Updated 5 years ago
• antichown / subdomain-takeover
  Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  ☆346Updated last year