boku7 / XSS-Clientside-Attacks

Related projects: ⓘ

• 0xbharath / slurp
  A blazing fast & feature rich Amazon S3 bucket enumerator.
  ☆94Updated 2 years ago
• kleiton0x00 / CRLF-one-liner
  A simple Bash one liner with aim to automate CRLF vulnerability scanning.
  ☆67Updated 4 years ago
• 0xspade / Combined-Wordlists
  A combined wordlists for files and directory discovery
  ☆115Updated 3 years ago
• allyomalley / BurpParamFlagger
  A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…
  ☆130Updated 3 years ago
• ptswarm / ptswarm-twitter
  ☆76Updated 3 years ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆78Updated last year
• victoni / Bug-Bounty-Scripts
  The scripts I write to help me on my bug bounty hunting
  ☆118Updated 2 years ago
• InsiderPhD / Arjun
  HTTP parameter discovery suite.
  ☆59Updated 4 years ago
• m0chan / pwk-cheatsheet
  ☆45Updated 7 years ago
• Anon-Exploiter / subdomainsEnumerator
  A docker image which will enumerate, sort, unique and resolve the results of various subdomains enumeration tools.
  ☆71Updated 2 months ago
• shelld3v / aquatone
  A Tool for Domain Flyovers
  ☆89Updated last month
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆60Updated 10 months ago
• yogisec / VulnerableSAMLApp
  Vulnerable SAML infrastructure training applicaiton
  ☆46Updated last year
• KathanP19 / portscan.sh
  All in one port scanning script.
  ☆67Updated 4 years ago
• In3tinct / Taken
  Takeover AWS ips and have a working POC for Subdomain Takeover.
  ☆88Updated 5 months ago
• kleiton0x00 / CORS-one-liner
  A one liner Bash command which finds CORS in every possible endpoint.
  ☆114Updated 3 years ago
• chennylmf / OWASP-Web-App-Pentesting-checklists
  ☆71Updated 4 years ago
• KathanP19 / protoscan
  Prototype Pollution Scanner
  ☆99Updated 3 years ago
• KingOfBugbounty / KingRecon_DOD
  ☆71Updated 4 months ago
• ghostlulzhacks / s3brute
  s3 brute force tool
  ☆43Updated 3 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆51Updated 2 years ago
• JavierOlmedo / UltimateCMSWordlists
  📚 An ultimate collection wordlists of the best-known CMS
  ☆81Updated 3 months ago
• six2dez / degoogle_hunter
  Simple fork from degoogle original project with bug hunting purposes
  ☆86Updated 2 years ago
• w4fz5uck5 / OSWE
  OSWE Preparation
  ☆37Updated 5 years ago
• v1ll41n / H1-Report-Finder
  A burpsuite extension that helps security researchers find public security reports published on h1 based on the selected host
  ☆42Updated 4 years ago
• TheGetch / Burp-Suite-Pro-Scan-Profiles
  Custom scan profiles for use with Burp Suite Pro
  ☆100Updated 5 months ago
• gnothiseautonlw / burp-shell-fwd-lfi
  A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
  ☆76Updated 4 years ago
• raverrr / plution
  Prototype pollution scanner using headless chrome
  ☆196Updated 2 years ago
• roottusk / xforwardy
  Host Header Injection Scanner
  ☆44Updated 3 years ago
• k3nundrum / CRTP
  Notes for CRTP
  ☆38Updated 3 years ago