Quitten / XSSor
XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily, an application security expert. XSSor was designed to help security testers by performing semi-automatic reflected and persistent XSS detection tests.
☆49Updated 3 years ago
Alternatives and similar repositories for XSSor:
Users that are interested in XSSor are comparing it to the libraries listed below
- This script is intended to automate your reconnaissance process in an organized fashion☆39Updated 5 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- Bug Bounty statistics tool.☆31Updated 2 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆44Updated 2 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 5 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆71Updated 4 years ago
- Collection of scripts to test your website against vulnerabilities.☆18Updated 11 months ago
- A bash script that fetches and maintains thousands of DNS resolvers☆65Updated 4 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆37Updated 7 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆37Updated 3 years ago
- web-based-fuzzer☆32Updated 4 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 3 years ago
- A Python script to parse net blocks & domain names from SPF record☆82Updated 4 years ago
- ☆31Updated 5 years ago
- My recon script☆51Updated 5 years ago
- Simple Server Side Request Forgery services enumeration tool.☆54Updated 6 years ago
- Instant access to you bug bounty submission dashboard on various platforms + publicly disclosed reports + #bugbountytip☆21Updated 4 years ago
- Broken Link Hijacking Burp Extension☆56Updated 5 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆27Updated 6 years ago
- A collection of simple tools and poc-builders☆39Updated 2 years ago
- This is a small extension to make graphql readable☆30Updated 6 years ago
- Burp Suite extension to easily export sub domains☆44Updated 5 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆32Updated 5 years ago
- Flask powered website to display tweets with a hashtag #bugbountytip☆16Updated 4 years ago
- Virtual host wordlist☆51Updated 4 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆62Updated 3 years ago
- Open Redirect Finder.☆49Updated 8 months ago
- Subvenkon is a subdomain enumerator from Venkon☆23Updated 4 years ago
- This repository contains all the material from the talk "Practical recon techniques for bug hunters & pentesters" given at Bugcrowd Level…☆60Updated 6 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago