XSS payloads for exploiting Markdown syntax
☆492Oct 12, 2024Updated last year
Alternatives and similar repositories for Markdown-XSS-Payloads
Users that are interested in Markdown-XSS-Payloads are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Payloads for CRLF Injection☆227Oct 12, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Open Redirect Payloads☆655Oct 12, 2024Updated last year
- subdomain bruteforce list☆101Oct 12, 2024Updated last year
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆217Oct 12, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A tool for embedding XXE/XML exploits into different filetypes☆1,136Dec 16, 2024Updated last year
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆68Feb 3, 2020Updated 6 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆679Jan 28, 2024Updated 2 years ago
- HTTP file upload scanner for Burp Proxy☆491Dec 25, 2023Updated 2 years ago
- 🔪Browser logic vulnerabilities☆699Jan 23, 2021Updated 5 years ago
- Awesome XSS stuff☆5,074Oct 30, 2024Updated last year
- This tool can be used to brute discover GET and POST parameters☆1,396Aug 24, 2019Updated 6 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- Browser's XSS Filter Bypass Cheat Sheet☆1,152May 6, 2017Updated 8 years ago
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,787Apr 26, 2024Updated last year
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆298Jun 10, 2019Updated 6 years ago
- A python script that finds endpoints in JavaScript files☆4,309Apr 13, 2024Updated last year
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Automatic SSRF fuzzer and exploitation tool☆3,505Sep 4, 2025Updated 6 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,251Jan 8, 2026Updated 2 months ago
- List of XSS Vectors/Payloads☆1,366Jan 14, 2026Updated 2 months ago
- DNS Takeover tool written in Go☆2,034Mar 16, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Automatic tool for DNS rebinding-based SSRF attacks☆304Aug 21, 2020Updated 5 years ago
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,399Sep 14, 2023Updated 2 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆583Sep 7, 2021Updated 4 years ago
- The XSS Hunter service - a portable version of XSSHunter.com☆1,543Dec 7, 2022Updated 3 years ago
- ☆16Feb 26, 2018Updated 8 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,907Sep 27, 2021Updated 4 years ago
- Potentially dangerous files☆3,289Aug 25, 2025Updated 7 months ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Dec 23, 2022Updated 3 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆549Jun 12, 2017Updated 8 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- The cheat sheet about Java Deserialization vulnerabilities☆3,173May 26, 2023Updated 2 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- Client Side Prototype Pollution Scanner☆523Sep 17, 2022Updated 3 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,131Apr 21, 2024Updated last year
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- A Powerful Subdomain Takeover Tool☆962Oct 17, 2023Updated 2 years ago