XSS payloads for exploiting Markdown syntax
☆493Oct 12, 2024Updated last year
Alternatives and similar repositories for Markdown-XSS-Payloads
Users that are interested in Markdown-XSS-Payloads are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Payloads for CRLF Injection☆227Oct 12, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,493Oct 12, 2024Updated last year
- Open Redirect Payloads☆657Oct 12, 2024Updated last year
- subdomain bruteforce list☆101Oct 12, 2024Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆216Oct 12, 2024Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A tool for embedding XXE/XML exploits into different filetypes☆1,166Dec 16, 2024Updated last year
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆69Feb 3, 2020Updated 6 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆682Jan 28, 2024Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆490Dec 25, 2023Updated 2 years ago
- 🔪Browser logic vulnerabilities☆702Jan 23, 2021Updated 5 years ago
- Awesome XSS stuff☆5,105Oct 30, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,394Aug 24, 2019Updated 6 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Browser's XSS Filter Bypass Cheat Sheet☆1,152May 6, 2017Updated 9 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,799Apr 26, 2024Updated 2 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- A python script that finds endpoints in JavaScript files☆4,335Apr 13, 2024Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,534Sep 4, 2025Updated 8 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,274Jan 8, 2026Updated 3 months ago
- List of XSS Vectors/Payloads☆1,372Jan 14, 2026Updated 3 months ago
- DNS Takeover tool written in Go☆2,057Mar 16, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Automatic tool for DNS rebinding-based SSRF attacks☆305Aug 21, 2020Updated 5 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,463Sep 14, 2023Updated 2 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,546Dec 7, 2022Updated 3 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,929Sep 27, 2021Updated 4 years ago
- Potentially dangerous files☆3,299Aug 25, 2025Updated 8 months ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- The cheat sheet about Java Deserialization vulnerabilities☆3,175May 26, 2023Updated 2 years ago
- ☆333Jan 8, 2018Updated 8 years ago
- Client Side Prototype Pollution Scanner☆525Sep 17, 2022Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,152Apr 21, 2024Updated 2 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆608May 17, 2019Updated 6 years ago
- CVE-2017-9506 - SSRF☆191Feb 14, 2022Updated 4 years ago
- A Powerful Subdomain Takeover Tool☆964Oct 17, 2023Updated 2 years ago