Xss payload for bypassing waf
☆18Apr 18, 2020Updated 6 years ago
Alternatives and similar repositories for noobstuffs
Users that are interested in noobstuffs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- XSS payloads for bypassing WAF. This repository is updating continuously.☆272Mar 15, 2024Updated 2 years ago
- Nuclei Templates☆25Oct 17, 2024Updated last year
- Get 10k subdomains in securitytrails using cookie without apikey.☆40Oct 23, 2025Updated 6 months ago
- Cool HackerOne Reports☆22Nov 16, 2022Updated 3 years ago
- Process URLs and remove duplicate query parameters.☆27Mar 19, 2024Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A lightweight Python tool to analyze PCAP files and generate network traffic reports. It detects traffic patterns, security concerns, and…☆18Sep 25, 2024Updated last year
- LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.☆33Mar 4, 2024Updated 2 years ago
- A list of notes that I've compiled over time to help with CTF's and the OSCP exam.☆10Dec 29, 2020Updated 5 years ago
- Shared wordlists used for common subdomains , directory bruteforcing etc.☆10May 26, 2025Updated 11 months ago
- Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.☆22Aug 20, 2024Updated last year
- ☆29Dec 13, 2023Updated 2 years ago
- A domain recon tool to help detect DNS based vulnerabilities, such as zone transfers and subdomain takeovers.☆11Mar 25, 2022Updated 4 years ago
- 判断是不是CDN IP,用于收缩目标资产范围☆10Mar 9, 2022Updated 4 years ago
- Scripts/tools to destroy things☆16Sep 13, 2021Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Passively check for XSS character encodings☆19Mar 9, 2026Updated last month
- ☆13Sep 8, 2024Updated last year
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- Extract metadata with SSRF (Server-Side Request Forgery)☆16Jul 23, 2022Updated 3 years ago
- BurpSiute - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- Simple Automation script for juniper cve-2023-36845☆19Jan 30, 2024Updated 2 years ago
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆11Aug 15, 2024Updated last year
- A solid recon tool I use personally.☆30May 12, 2023Updated 2 years ago
- Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP To…☆12Jan 30, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆13Mar 12, 2022Updated 4 years ago
- 申明:仅供教学演示,禁用非法、未授权等进行钓鱼,后果自负。☆12May 21, 2024Updated last year
- If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've …☆62Jun 20, 2025Updated 10 months ago
- Collected fuzzing payloads from different resources☆126Jan 19, 2026Updated 3 months ago
- Chameleon Wordlists☆15Sep 13, 2022Updated 3 years ago
- gh0str3con is a All in one cloud based web Recon tool.☆24Jul 8, 2024Updated last year
- CVE-2023-7028☆58Jan 12, 2024Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆291Nov 13, 2024Updated last year
- Ultimate Wordlist for Web Content Discovery☆70Apr 28, 2025Updated last year
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- XXE漏洞检测 Payload大全☆13Apr 28, 2019Updated 7 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆17Jan 31, 2021Updated 5 years ago
- Master Thick Client Penetration Testing: Explore practical methodologies, uncover vulnerabilities, and enhance security.☆19Apr 6, 2024Updated 2 years ago
- ☆47Apr 18, 2023Updated 3 years ago
- Toolset for detecting reflected xss in websites☆16Oct 6, 2018Updated 7 years ago
- My Private Bug Hunting Methodology☆321Nov 27, 2024Updated last year
- Example: Client-Side Template Injection with Vue☆25Feb 20, 2023Updated 3 years ago