Abusing Self-XSS and Clickjacking to trigger XSS
☆136Mar 18, 2017Updated 8 years ago
Alternatives and similar repositories for XSSJacking
Users that are interested in XSSJacking are comparing it to the libraries listed below
Sorting:
- Stealing CSRF tokens with CSS injection (without iFrames)☆322Feb 7, 2018Updated 8 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Oct 12, 2017Updated 8 years ago
- A Burp Suite extension that automatically marks similar requests as 'out-of-scope'.☆43May 1, 2020Updated 5 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆29Sep 16, 2018Updated 7 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Apr 18, 2017Updated 8 years ago
- PoC code for crashing windows active directory☆35Sep 19, 2018Updated 7 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227May 8, 2018Updated 7 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆116Mar 29, 2019Updated 6 years ago
- ☆20Jun 2, 2016Updated 9 years ago
- MalRecon - Basic Malware Reconnaissance and Analysis Tool☆26Jun 8, 2017Updated 8 years ago
- AWS Extender (Cloud Storage Tester) is a Burp plugin to assess permissions of cloud storage containers on AWS, Google Cloud and Azure.☆256Feb 23, 2022Updated 4 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Jun 29, 2015Updated 10 years ago
- A demo of altering an opened tab after a timer☆123Jun 11, 2016Updated 9 years ago
- POC for CVE-2018-15685☆42Aug 24, 2018Updated 7 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- Provide a sort of shell-ish interface to make file directory traversal quicker and easier.☆24Jan 1, 2017Updated 9 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141May 25, 2017Updated 8 years ago
- Nodejs application intentionally vulnerable to SSRF☆42May 12, 2023Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆379Oct 12, 2020Updated 5 years ago
- BinProxy is a proxy for arbitrary TCP connections. You can define custom message formats using the BinData gem.☆176Dec 1, 2022Updated 3 years ago
- XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!☆38Aug 26, 2018Updated 7 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,130Dec 16, 2024Updated last year
- Next-gen BurpSuite penetration testing tool☆460Jan 27, 2016Updated 10 years ago
- ☆332Jan 8, 2018Updated 8 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆185May 27, 2020Updated 5 years ago
- Takes ip range, Scan all open SSL Certs, Grab Cnames☆113Sep 23, 2018Updated 7 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 8 years ago
- Writeups for various crackmes, CTFs, wargames, etc.☆15Apr 21, 2017Updated 8 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆318May 22, 2023Updated 2 years ago
- Nameserver DNS poisoning attacks made easy☆526Feb 26, 2017Updated 9 years ago
- a tiny tool for swf hacking, just browse it:)☆243Mar 13, 2013Updated 12 years ago
- Analysing parameters with all payloads' bypass methods, aiming at benchmarking security solutions like WAF.☆224Oct 16, 2023Updated 2 years ago
- Proof-of-Concept scripts for various issues.☆14Jan 23, 2017Updated 9 years ago
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- BountyDash is a tool to combine your rewards from all platforms, giving you insights about your progress and bug hunting patterns.☆163Apr 24, 2025Updated 10 months ago
- Post-exploitation scripts for OS X persistence and privesc☆73Apr 12, 2017Updated 8 years ago
- A collection of scripts made duing my personal research☆29Sep 27, 2018Updated 7 years ago