Nhoya / PastebinMarkdownXSSLinks
XSS in pastebin.com and reddit.com via unsanitized markdown output
☆87Updated 7 years ago
Alternatives and similar repositories for PastebinMarkdownXSS
Users that are interested in PastebinMarkdownXSS are comparing it to the libraries listed below
Sorting:
- Everything you need to exploit overly permissive crossdomain.xml files☆86Updated 10 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆49Updated 2 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆135Updated 8 years ago
- TLS Redirection☆120Updated 7 years ago
- Highlight Burp proxy requests made by different browsers☆30Updated 7 years ago
- A Python3 based single-file subdomain enumerator☆89Updated 5 years ago
- Chrome Extension for XSS Hunter Payloads☆41Updated 8 years ago
- A collection of the solutions people wrote for the H1-212 Capture The Flag event☆95Updated 6 years ago
- Burp Suite extension to generate Intruder payloads using Radamsa☆89Updated 7 years ago
- Simple wrapper for meg that sieves through meg's output for you.☆60Updated 5 years ago
- Actarus is a custom tool for bug bounty☆76Updated 5 years ago
- A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.☆37Updated 5 years ago
- Various tools for managing bug bounty recon and exploration.☆47Updated 2 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 8 years ago
- ☆71Updated 7 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Updated 7 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 7 years ago
- Materials related to the 2017 BSides Las Vegas presentation☆52Updated 4 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Updated 7 years ago
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 6 years ago
- "What To" guide for finding vulnerabilities in sites.☆21Updated 7 years ago
- GitBackdorizer (bad name, I know!) Is a proof of concept from Ulisses Castro's talk - 50 ton of backdoors (https://www.slideshare.net/uli…☆49Updated 7 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35Updated 6 years ago
- Pillage a git repo found in an accessible web root☆61Updated 14 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Stay on top of new domains! Bug bounty hunters can use this tool to receive Pushbullet notifications each time there is a new target subd…☆26Updated 7 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated 8 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Updated 4 years ago
- A central place to keep track of relevant BountyMachine talks, blogs, and interesting things!☆33Updated 6 years ago
- ActionScript Proof of Concept to perform cross-domain reads☆43Updated 11 years ago