Nhoya / PastebinMarkdownXSS
XSS in pastebin.com and reddit.com via unsanitized markdown output
☆87Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for PastebinMarkdownXSS
- Simple wrapper for meg that sieves through meg's output for you.☆59Updated 5 years ago
- ReconJSON is a project dedicated to creating a flexible and consistent JSON format across popular recon tools.☆102Updated 5 years ago
- Actarus is a custom tool for bug bounty☆75Updated 4 years ago
- A Firefox extension and WebSocket handler that checks S3/Google/Azure buckets while your browse.☆37Updated 4 years ago
- Chrome Extension for XSS Hunter Payloads☆41Updated 8 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Updated 4 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 7 years ago
- Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.☆50Updated 2 years ago
- Everything you need to exploit overly permissive crossdomain.xml files☆87Updated 9 years ago
- TLS Redirection☆117Updated 6 years ago
- A Python3 based single-file subdomain enumerator☆90Updated 5 years ago
- ☆35Updated 5 years ago
- GitBackdorizer (bad name, I know!) Is a proof of concept from Ulisses Castro's talk - 50 ton of backdoors (https://www.slideshare.net/uli…☆49Updated 6 years ago
- ☆159Updated 6 years ago
- Fast subdomains enumeration tool for penetration testers☆117Updated 5 years ago
- try privilege escalation changing sudo command☆118Updated 6 years ago
- Automate common Chrome Debug Protocol tasks to help debug web applications from the command-line and actively monitor and intercept HTTP …☆73Updated 3 years ago
- HTTPoxy Exploit Scanner by 1N3 @CrowdShield☆104Updated 7 years ago
- A deliberately vulnerable modern day app with lots of DOM related bugs☆36Updated 5 years ago
- Various tools for managing bug bounty recon and exploration.☆46Updated last year
- Tool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.☆63Updated 5 years ago
- A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.☆34Updated 8 years ago
- Highlight Burp proxy requests made by different browsers☆30Updated 7 years ago
- ☆70Updated 6 years ago
- Pillage a git repo found in an accessible web root☆59Updated 13 years ago
- XXRF Shots - Useful for testing SSRF vulnerability☆74Updated last year
- A collection of scripts used to interact with the Burp Rest API☆51Updated 5 years ago