XSS payloads for exploiting Markdown syntax
☆492Oct 12, 2024Updated last year
Alternatives and similar repositories for Markdown-XSS-Payloads
Users that are interested in Markdown-XSS-Payloads are comparing it to the libraries listed below
Sorting:
- Payloads for CRLF Injection☆227Oct 12, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Open Redirect Payloads☆654Oct 12, 2024Updated last year
- subdomain bruteforce list☆101Oct 12, 2024Updated last year
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆217Oct 12, 2024Updated last year
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆677Jan 28, 2024Updated 2 years ago
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆68Feb 3, 2020Updated 6 years ago
- HTTP file upload scanner for Burp Proxy☆490Dec 25, 2023Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- 🔪Browser logic vulnerabilities☆697Jan 23, 2021Updated 5 years ago
- Awesome XSS stuff☆5,066Oct 30, 2024Updated last year
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,244Jan 8, 2026Updated last month
- Browser's XSS Filter Bypass Cheat Sheet☆1,150May 6, 2017Updated 8 years ago
- This tool can be used to brute discover GET and POST parameters☆1,394Aug 24, 2019Updated 6 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,489Sep 4, 2025Updated 6 months ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- List of XSS Vectors/Payloads☆1,364Jan 14, 2026Updated last month
- A python script that finds endpoints in JavaScript files☆4,294Apr 13, 2024Updated last year
- Subdomain Takeover tool written in Go☆2,033Aug 13, 2023Updated 2 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,382Sep 14, 2023Updated 2 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,123Apr 21, 2024Updated last year
- Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)☆62Jul 2, 2019Updated 6 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,716Dec 1, 2024Updated last year
- Potentially dangerous files☆3,275Aug 25, 2025Updated 6 months ago
- JShell - Get a JavaScript shell with XSS.☆532May 5, 2019Updated 6 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- ☆2,316Dec 8, 2023Updated 2 years ago
- A Powerful Subdomain Takeover Tool☆964Oct 17, 2023Updated 2 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago