ariary / DomXssFinder
Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰
☆22Updated last year
Alternatives and similar repositories for DomXssFinder:
Users that are interested in DomXssFinder are comparing it to the libraries listed below
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Updated 3 years ago
- A burp-suite plugin that extract all parameter names from in-scope requests☆29Updated 3 years ago
- tool that generates bypasses for open redirects☆52Updated 2 years ago
- A FireBase DataBase TakeOver Tool along with POC Generator☆33Updated 3 years ago
- This repository presents a proof-of-concept of CVE-2024-23897☆15Updated 10 months ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Updated last year
- My fuzz repo!☆22Updated last year
- A simple utility to generate domain names with all possible TLDs☆23Updated 2 years ago
- This includes all the templates of nuclei collected from different sources☆17Updated 2 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- URL scanner for recon, vulnerabilities, secrets and more!☆12Updated 3 years ago
- ☆11Updated 2 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 3 years ago
- Nuclei Templates☆11Updated 2 years ago
- All-in Fuzzer. Burp suite extension for auto fuzzing params, headers, body☆31Updated last week
- A tool which allows HackerOne researchers to download their reports into a local, indexed, and searchable repository☆17Updated 2 years ago
- Bcheck scripts for Burp☆25Updated 7 months ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 4 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆58Updated last year
- ☆42Updated 3 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆23Updated last year
- ☆33Updated 2 years ago
- ☆33Updated 3 years ago
- collection of various grep patterns collected from tomnomnom/gf and other places☆21Updated 4 years ago
- Chameleon Wordlists☆16Updated 2 years ago
- Springboot detection☆21Updated 3 years ago
- Additional nuclei templates☆36Updated last year
- URL Encode Injection List☆11Updated 3 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Updated 3 years ago
- burpsuite extension☆15Updated 2 years ago