ariary / DomXssFinder
Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰
☆22Updated last year
Alternatives and similar repositories for DomXssFinder:
Users that are interested in DomXssFinder are comparing it to the libraries listed below
- tool that generates bypasses for open redirects☆52Updated 2 years ago
- ☆35Updated 2 months ago
- Community curated list of templates for the erebus engine to find security vulnerabilities.☆16Updated 3 years ago
- A FireBase DataBase TakeOver Tool along with POC Generator☆33Updated 3 years ago
- ☆42Updated 3 years ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Updated 2 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 3 years ago
- URL Encode Injection List☆11Updated 3 years ago
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆28Updated 3 years ago
- ☆11Updated 2 years ago
- A simple utility to generate domain names with all possible TLDs☆23Updated 2 years ago
- URL scanner for recon, vulnerabilities, secrets and more!☆12Updated 3 years ago
- Chameleon Wordlists☆16Updated 2 years ago
- Tool to extract & validate google fcm server keys from apks☆28Updated 4 years ago
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆13Updated last year
- Additional nuclei templates☆36Updated last year
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆49Updated 2 years ago
- ☆33Updated 3 years ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 4 years ago
- This extension provides a way to discover NoSQL injection vulnerabilities.☆23Updated last year
- Bcheck scripts for Burp☆25Updated 7 months ago
- collection of various grep patterns collected from tomnomnom/gf and other places☆21Updated 4 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆58Updated last year
- Droz_scan is a automated script, that runs all the queries of drozer in a single run☆26Updated last year
- Enhanced 403 bypass header☆21Updated 2 years ago
- ☆25Updated this week
- sonarbyte is a simple and fast subdomain scanner written in go to extract subdomain from Rapid7's DNS Database using omnisint's api.☆26Updated 2 years ago
- Nuclei Templates☆11Updated 2 years ago
- This includes all the templates of nuclei collected from different sources☆17Updated 2 years ago
- ☆33Updated 2 years ago