Cross Site Scripting Payloads -- Variations
☆72Apr 26, 2025Updated 10 months ago
Alternatives and similar repositories for XSSPayloads
Users that are interested in XSSPayloads are comparing it to the libraries listed below
Sorting:
- A collection of XSS Attack vectors☆10Apr 26, 2025Updated 10 months ago
- A repository with various tutorials on how to do things in Pentesting, setup environments and other things☆20Apr 26, 2025Updated 10 months ago
- ☆131Jun 17, 2022Updated 3 years ago
- ☆10Dec 19, 2017Updated 8 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- [WIP] a simple UI for Vulhub☆16Jun 10, 2021Updated 4 years ago
- 漏洞测试环境 - 方便写扫描器利用复现☆27Aug 12, 2019Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- Scripts for Deploying new server☆49Apr 26, 2025Updated 10 months ago
- A VBA implementation of the RunPE technique or how to bypass application whitelisting.☆14Dec 30, 2018Updated 7 years ago
- jre8u20 gadget☆34May 23, 2021Updated 4 years ago
- CVE-2020-9548:FasterXML/jackson-databind 远程代码执行漏洞☆24Mar 2, 2020Updated 6 years ago
- Automated Subnet Scanner☆26Feb 25, 2025Updated last year
- RCE Exploit PoC for XMLDecoder☆63Aug 1, 2013Updated 12 years ago
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago
- MySQL fake server for read files of connected clients☆605Jul 23, 2017Updated 8 years ago
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- CNVD-C-2019-48814 Weblogic wls9_async_response 反序列化��利用工具☆36Jun 3, 2019Updated 6 years ago
- Wordlist to get files/ folders listed by the app that may expose passwords, sensitive file or folders☆22Jul 10, 2020Updated 5 years ago
- 用WebShell攻击PHP-FPM Attacking PHP-FPM with WebShell☆41May 6, 2021Updated 4 years ago
- ☆404Feb 28, 2020Updated 6 years ago
- 把jsp的cmdshell升级为冰蝎一句话☆11Sep 23, 2019Updated 6 years ago
- ☆12Sep 27, 2018Updated 7 years ago
- ☆28Sep 11, 2019Updated 6 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- Shiro_721 exp 纯手工实现Padding Oracle整个过程☆67Nov 20, 2019Updated 6 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆25Apr 19, 2017Updated 8 years ago
- 更快速的进行Web应用指纹识别☆170May 9, 2019Updated 6 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+�☆483Dec 9, 2020Updated 5 years ago
- ☆11Jul 8, 2021Updated 4 years ago
- Subdomain finder☆10Mar 13, 2025Updated 11 months ago
- Purple Team Workshop by @jorgeorchilles☆12Apr 26, 2025Updated 10 months ago
- Penetration Testing Methodology - short notes☆11May 30, 2015Updated 10 years ago
- A small collection of Burp Suite extensions, written in Python☆10Nov 19, 2016Updated 9 years ago
- CVE-2020-2546,CVE-2020-2915 CVE-2020-2801 CVE-2020-2798 CVE-2020-2883 CVE-2020-2884 CVE-2020-2950 WebLogic T3 payload exploit poc pyth…☆133Mar 5, 2023Updated 3 years ago
- 用于记录分享一些有趣的案例☆865Jan 10, 2022Updated 4 years ago
- fastjson 1.2.68 版本 autotype bypass☆142Jun 17, 2022Updated 3 years ago
- 又一个Java Web代码审计工具☆100May 7, 2018Updated 7 years ago