Quitten / XSSorLinks
XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily, an application security expert. XSSor was designed to help security testers by performing semi-automatic reflected and persistent XSS detection tests.
☆58Updated 4 years ago
Alternatives and similar repositories for XSSor
Users that are interested in XSSor are comparing it to the libraries listed below
Sorting:
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆72Updated 4 years ago
- A Python script to parse net blocks & domain names from SPF record☆84Updated 5 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 5 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 4 years ago
- This script is intended to automate your reconnaissance process in an organized fashion☆39Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- My recon script☆50Updated 5 years ago
- Finds the End-Points in JavaScript files☆93Updated 3 years ago
- Virtual host wordlist☆52Updated 4 years ago
- Bug Bounty statistics tool.☆32Updated 2 years ago
- Recon Custom WordList Ganerator☆58Updated 5 years ago
- Misc bounty and vulndisc things☆85Updated 4 years ago
- Get all possible href | src | url from target url or domain☆41Updated 4 years ago
- Open Redirect Finder.☆50Updated last year
- Push notifications for passive DNS data☆109Updated 9 years ago
- subdomain bruteforce list☆101Updated 9 months ago
- Broken Link Hijacking Burp Extension☆57Updated 5 years ago
- Hacked together script for feeding urls into Burp's Sitemap☆93Updated 2 months ago
- Offsec Pentest and Bug Bounty Notes☆25Updated 5 years ago
- web-based-fuzzer☆32Updated 5 years ago
- Handy bash and python scripts for bug bounty hunting!☆47Updated 4 years ago
- Some of my bug bounty tools☆51Updated 5 years ago
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆17Updated 5 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆61Updated 3 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆113Updated 2 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆32Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Updated 4 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆41Updated 4 years ago
- ☆38Updated 4 years ago
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆34Updated 5 years ago