XSS payloads for exploiting Markdown syntax
☆496Oct 12, 2024Updated last year
Alternatives and similar repositories for Markdown-XSS-Payloads
Users that are interested in Markdown-XSS-Payloads are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Payloads for CRLF Injection☆228Oct 12, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,507Oct 12, 2024Updated last year
- Open Redirect Payloads☆662Oct 12, 2024Updated last year
- subdomain bruteforce list☆103Oct 12, 2024Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆219Oct 12, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A tool for embedding XXE/XML exploits into different filetypes☆1,173Dec 16, 2024Updated last year
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆69Feb 3, 2020Updated 6 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆683Jan 28, 2024Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆494Dec 25, 2023Updated 2 years ago
- 🔪Browser logic vulnerabilities☆705Jan 23, 2021Updated 5 years ago
- Awesome XSS stuff☆5,125Oct 30, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,394Aug 24, 2019Updated 6 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆519Jul 29, 2020Updated 5 years ago
- Browser's XSS Filter Bypass Cheat Sheet☆1,155May 6, 2017Updated 9 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆632Feb 5, 2019Updated 7 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,807Apr 26, 2024Updated 2 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 7 years ago
- A python script that finds endpoints in JavaScript files☆4,404Apr 13, 2024Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,583Sep 4, 2025Updated 10 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,315Jun 5, 2026Updated last month
- List of XSS Vectors/Payloads☆1,388Jan 14, 2026Updated 5 months ago
- DNS Takeover tool written in Go☆2,100Updated this week
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Automatic tool for DNS rebinding-based SSRF attacks☆306Aug 21, 2020Updated 5 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,499Sep 14, 2023Updated 2 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆582Sep 7, 2021Updated 4 years ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,555Dec 7, 2022Updated 3 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,954Sep 27, 2021Updated 4 years ago
- Potentially dangerous files☆3,313Aug 25, 2025Updated 10 months ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆43Dec 23, 2022Updated 3 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 9 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- The cheat sheet about Java Deserialization vulnerabilities☆3,179May 26, 2023Updated 3 years ago
- ☆334Jan 8, 2018Updated 8 years ago
- Client Side Prototype Pollution Scanner☆529Sep 17, 2022Updated 3 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆609May 17, 2019Updated 7 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,182Apr 21, 2024Updated 2 years ago
- CVE-2017-9506 - SSRF☆192Feb 14, 2022Updated 4 years ago
- A Powerful Subdomain Takeover Tool☆966Oct 17, 2023Updated 2 years ago