Quitten / XSSorLinks
XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily, an application security expert. XSSor was designed to help security testers by performing semi-automatic reflected and persistent XSS detection tests.
☆62Updated 4 years ago
Alternatives and similar repositories for XSSor
Users that are interested in XSSor are comparing it to the libraries listed below
Sorting:
- A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks☆60Updated 6 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆74Updated 4 years ago
- Finds the End-Points in JavaScript files☆97Updated 4 years ago
- Virtual host wordlist☆51Updated 4 years ago
- Recon Custom WordList Ganerator☆58Updated 5 years ago
- A Python script to parse net blocks & domain names from SPF record☆84Updated 5 years ago
- Get all possible href | src | url from target url or domain☆41Updated 5 years ago
- Takeover subdomains using AWS dangling elastic ips and have a working POC for Subdomain Takeover.☆93Updated 4 months ago
- Hacked together script for feeding urls into Burp's Sitemap☆93Updated 6 months ago
- Push notifications for passive DNS data☆109Updated 9 years ago
- Misc bounty and vulndisc things☆85Updated 4 years ago
- Simple tool to test for SSRF/OOB HTTP Read within the Path of a request☆30Updated 6 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆39Updated 4 years ago
- ☆60Updated last year
- a tool that compiles a csv of all h1 program stats☆47Updated 2 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆113Updated 2 years ago
- A list of Awesome Bughunting oneliners , collected from the various sources☆69Updated 2 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Updated 5 years ago
- Handy bash and python scripts for bug bounty hunting!☆47Updated 4 years ago
- Bug Bounty statistics tool.☆33Updated 2 years ago
- subdomain bruteforce list☆102Updated last year
- ☆38Updated 5 years ago
- Offsec Pentest and Bug Bounty Notes☆25Updated 5 years ago
- Framework to automate Bug Bounty Reconnaissance☆45Updated 4 years ago
- Send notifications on different channels such as Slack, Telegram, Discord etc.☆39Updated 2 years ago
- My recon script☆50Updated 5 years ago
- Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.☆40Updated 2 years ago
- ☆57Updated 5 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆52Updated 4 years ago