beescuit / crosssiteshell
A websocket-based reverse (javascript) shell for XSS attacks.
☆29Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for crosssiteshell
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- A better way of querying certificate transparency logs☆76Updated last year
- 😛 Primefaces 5.X EL Injection Exploit (CVE-2017-1000486)☆19Updated last year
- ☆43Updated last year
- Some Useful Tricks for Pentest Android and iOS Apps☆59Updated last week
- ☆18Updated 6 months ago
- Easily gather all routes related to a NextJs application through parsing of _buildManifest.js☆52Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- ☆7Updated 11 months ago
- Yet Another PHP Shell - The most complete PHP reverse shell☆79Updated 2 years ago
- Robson is a simple LKM rootkit that uses the Linux kernel's kprobes tracing feature as a hooking mechanism.☆12Updated last year
- Repository with quick triggers to help during Pentest in an Active Directory environment.☆36Updated last week
- Some tips for Bug Bounty using LibreOffice☆32Updated 3 months ago
- crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names fro…☆18Updated 4 months ago
- Colored Cat is a syntax highlighter file reader.☆16Updated 4 months ago
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆97Updated 2 months ago
- A powerful pentesting tool for proactive detection and exploitation of dependency confusion vulnerabilities in Node.js projects. Enhance …☆13Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆35Updated 10 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆52Updated 2 weeks ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆63Updated last year
- burp extension for brazilian stuff☆25Updated last year
- Declutters URLs in a fast and flexible way, for improving input for web hacking automations such as crawlers and vulnerability scans.☆48Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 8 months ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆74Updated 5 months ago
- ☆67Updated 6 months ago
- A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.☆65Updated 7 months ago
- BurpSuite extension to convert requests into bcheck scripts☆30Updated last year
- 😹 Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with default credentials.☆101Updated 7 months ago
- Styx is an cross-platform GUI interface for HackTheBox made in GoLang☆19Updated 3 months ago
- ☆39Updated 11 months ago