Xss payload for bypassing waf
☆18Apr 18, 2020Updated 5 years ago
Alternatives and similar repositories for noobstuffs
Users that are interested in noobstuffs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- XSS payloads for bypassing WAF. This repository is updating continuously.☆270Mar 15, 2024Updated 2 years ago
- Nuclei Templates☆25Oct 17, 2024Updated last year
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- Get 10k subdomains in securitytrails using cookie without apikey.☆37Oct 23, 2025Updated 5 months ago
- Process URLs and remove duplicate query parameters.☆27Mar 19, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A lightweight Python tool to analyze PCAP files and generate network traffic reports. It detects traffic patterns, security concerns, and…☆18Sep 25, 2024Updated last year
- LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.☆33Mar 4, 2024Updated 2 years ago
- Shared wordlists used for common subdomains , directory bruteforcing etc.☆10May 26, 2025Updated 10 months ago
- Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.☆21Aug 20, 2024Updated last year
- ☆29Dec 13, 2023Updated 2 years ago
- A domain recon tool to help detect DNS based vulnerabilities, such as zone transfers and subdomain takeovers.☆11Mar 25, 2022Updated 4 years ago
- 判断是不是CDN IP,用于收缩目标资产范围☆10Mar 9, 2022Updated 4 years ago
- Passively check for XSS character encodings☆18Mar 9, 2026Updated 2 weeks ago
- ☆13Sep 8, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- Extract metadata with SSRF (Server-Side Request Forgery)☆16Jul 23, 2022Updated 3 years ago
- BurpSiute - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- Simple Automation script for juniper cve-2023-36845☆19Jan 30, 2024Updated 2 years ago
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆11Aug 15, 2024Updated last year
- A solid recon tool I use personally.☆30May 12, 2023Updated 2 years ago
- Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP To…☆12Jan 30, 2023Updated 3 years ago
- ☆13Mar 12, 2022Updated 4 years ago
- 申明:仅供教学演示,禁用非法、未授权等进行钓鱼,后果自负。☆12May 21, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Webarchive is a Go package for pentesters and developers to interacting with the Wayback Machine's CDX API and integrate web archive util…☆11Feb 25, 2024Updated 2 years ago
- If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've …☆62Jun 20, 2025Updated 9 months ago
- Chameleon Wordlists☆15Sep 13, 2022Updated 3 years ago
- gh0str3con is a All in one cloud based web Recon tool.☆24Jul 8, 2024Updated last year
- CVE-2023-7028☆58Jan 12, 2024Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆289Nov 13, 2024Updated last year
- Switch between two running operating systems without losing their state.☆58Jan 2, 2026Updated 2 months ago
- Ultimate Wordlist for Web Content Discovery☆70Apr 28, 2025Updated 11 months ago
- XXE漏洞检测 Payload大全☆13Apr 28, 2019Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆17Jan 31, 2021Updated 5 years ago
- Master Thick Client Penetration Testing: Explore practical methodologies, uncover vulnerabilities, and enhance security.☆20Apr 6, 2024Updated last year
- ☆47Apr 18, 2023Updated 2 years ago
- Toolset for detecting reflected xss in websites☆16Oct 6, 2018Updated 7 years ago
- My Private Bug Hunting Methodology☆316Nov 27, 2024Updated last year
- Example: Client-Side Template Injection with Vue☆25Feb 20, 2023Updated 3 years ago
- This is an UNOFFICIAL guide and general list of cheatsheets, references, and walkthroughs aligned with the OffSec OSCP exam process☆33Dec 12, 2025Updated 3 months ago