aaditya2098 / noobstuffsView external linksLinks
Xss payload for bypassing waf
☆18Apr 18, 2020Updated 5 years ago
Alternatives and similar repositories for noobstuffs
Users that are interested in noobstuffs are comparing it to the libraries listed below
Sorting:
- XSS payloads for bypassing WAF. This repository is updating continuously.☆264Mar 15, 2024Updated last year
- Cool HackerOne Reports☆22Nov 16, 2022Updated 3 years ago
- Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.☆21Aug 20, 2024Updated last year
- A list of notes that I've compiled over time to help with CTF's and the OSCP exam.☆10Dec 29, 2020Updated 5 years ago
- LogSnare: A playground for testing, preventing, and logging IDOR vulnerabilities.☆33Mar 4, 2024Updated last year
- A lightweight Python tool to analyze PCAP files and generate network traffic reports. It detects traffic patterns, security concerns, and…☆18Sep 25, 2024Updated last year
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆10Aug 15, 2024Updated last year
- Describe how to use ffuf different options with examples☆13Jun 13, 2022Updated 3 years ago
- Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in the OWASP To…☆12Jan 30, 2023Updated 3 years ago
- ☆13Sep 8, 2024Updated last year
- 判断是不是CDN IP,用于收缩目标资产范围☆10Mar 9, 2022Updated 3 years ago
- Nuclei Templates☆25Oct 17, 2024Updated last year
- A domain recon tool to help detect DNS based vulnerabilities, such as zone transfers and subdomain takeovers.☆11Mar 25, 2022Updated 3 years ago
- Hack The Box CPTS command☆30Jun 25, 2025Updated 7 months ago
- Get 10k subdomains in securitytrails using cookie without apikey.☆36Oct 23, 2025Updated 3 months ago
- Shared wordlists used for common subdomains , directory bruteforcing etc.☆10May 26, 2025Updated 8 months ago
- Argus is used to test for Blind XSS and SSRF vulnerbilities or any sort of OOB detection☆13Nov 1, 2024Updated last year
- ☆48Oct 11, 2025Updated 4 months ago
- A solid recon tool I use personally.☆30May 12, 2023Updated 2 years ago
- Process URLs and remove duplicate query parameters.☆28Mar 19, 2024Updated last year
- ☆29Dec 13, 2023Updated 2 years ago
- Chameleon Wordlists☆15Sep 13, 2022Updated 3 years ago
- Simple Automation script for juniper cve-2023-36845☆19Jan 30, 2024Updated 2 years ago
- Extract metadata with SSRF (Server-Side Request Forgery)☆16Jul 23, 2022Updated 3 years ago
- A Python tool for exploiting Django RCE via deserialization vulnerabilities in session cookies, allowing remote code execution through fo…☆19Nov 21, 2025Updated 2 months ago
- Passively check for XSS character encodings☆18Feb 7, 2026Updated last week
- ☆47Apr 18, 2023Updated 2 years ago
- BurpSiute - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- Materials used in preperation for the BSCP certification from PortSwigger☆17Jan 28, 2022Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆17Jan 31, 2021Updated 5 years ago
- Ultimate Wordlist for Web Content Discovery☆68Apr 28, 2025Updated 9 months ago
- If you found this, you are among the truly lucky, to be given providence to my curated and often custom wordlists. Enjoy, buddy, you've …☆61Jun 20, 2025Updated 7 months ago
- gh0str3con is a All in one cloud based web Recon tool.☆23Jul 8, 2024Updated last year
- Example: Client-Side Template Injection with Vue☆24Feb 20, 2023Updated 2 years ago
- ☆20Sep 2, 2021Updated 4 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- A collection of scripts to steal BTC from Lightning Network enabled custodial services. Only for educational purpose! Share your findings…☆18Sep 19, 2021Updated 4 years ago
- All Type of Payloads☆141Mar 26, 2024Updated last year
- A Firefox Web Extension to improve the discovery of DOM XSS.☆285Nov 13, 2024Updated last year