beescuit / crosssiteshell
A websocket-based reverse (javascript) shell for XSS attacks.
☆29Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for crosssiteshell
- A better way of querying certificate transparency logs☆76Updated last year
- ☆20Updated 7 months ago
- 😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)☆19Updated last year
- Easily gather all routes related to a NextJs application through parsing of _buildManifest.js☆52Updated last year
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- burp extension for brazilian stuff☆25Updated last year
- Some Useful Tricks for Pentest Android and iOS Apps☆62Updated 3 weeks ago
- ☆43Updated last year
- Yet Another PHP Shell - The most complete PHP reverse shell☆79Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆70Updated 10 months ago
- ☆47Updated 2 years ago
- A powerful pentesting tool for proactive detection and exploitation of dependency confusion vulnerabilities in Node.js projects. Enhance …☆13Updated last year
- ☆7Updated last year
- Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.☆49Updated last year
- ☆69Updated 6 months ago
- Some tips for Bug Bounty using LibreOffice☆33Updated this week
- Tool to enable blind sql injection attacks against websockets using sqlmap☆57Updated last year
- Compilation of scripts/tools (made by me or not) that help me with Pentest and Bug Bounty.☆27Updated 3 weeks ago
- ☆64Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆13Updated 2 years ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆52Updated last month
- Colored Cat is a syntax highlighter file reader.☆16Updated 5 months ago
- Check subdomains for subdomain takeovers and other DNS tomfoolery☆107Updated this week
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆35Updated 11 months ago
- A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.☆35Updated 2 years ago
- Wordlist for web fuzzing, made from a variety of reliable sources including: result from my pentests, git.rip, ChatGPT, Lex, nuclei templ…☆91Updated 3 months ago
- BurpSuite extension to convert requests into bcheck scripts☆30Updated last year
- PoC for CVE-2022-40684 - Authentication bypass lead to Full device takeover (Read-only)☆87Updated 2 years ago
- PoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120.☆24Updated 2 years ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆36Updated last year