Stealing CSRF tokens with CSS injection (without iFrames)
☆324Feb 7, 2018Updated 8 years ago
Alternatives and similar repositories for cssInjection
Users that are interested in cssInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆104Jun 1, 2018Updated 7 years ago
- ☆334Jan 8, 2018Updated 8 years ago
- XSS in pastebin.com and reddit.com via unsanitized markdown output☆88Apr 24, 2018Updated 8 years ago
- Windows passwords decryption from dump files☆515Feb 2, 2023Updated 3 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆136Mar 18, 2017Updated 9 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆315Mar 24, 2018Updated 8 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- A tiny and cute URL fuzzer☆403Nov 10, 2022Updated 3 years ago
- ☆28Oct 16, 2017Updated 8 years ago
- ☆162Dec 7, 2017Updated 8 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆83Sep 19, 2017Updated 8 years ago
- Autoexploitation of some of the most common vulnerabilities in wild☆125Jun 22, 2018Updated 7 years ago
- Phishing on Twitter☆254Jun 21, 2018Updated 7 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A toolset to track and organize output of reconnaissance tools☆347Jan 3, 2018Updated 8 years ago
- Chrome < 62 uxss exploit (CVE-2017-5124)☆160Nov 14, 2017Updated 8 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- A collection of curated Java Deserialization Exploits☆592May 16, 2021Updated 5 years ago
- RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: h…☆307Oct 18, 2017Updated 8 years ago
- Find interesting Amazon S3 Buckets by watching certificate transparency logs.☆1,807Feb 28, 2025Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,494Oct 12, 2024Updated last year
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 5 years ago
- Collection of social engineering payloads☆299Oct 19, 2017Updated 8 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …☆224Dec 7, 2022Updated 3 years ago
- Nameserver DNS poisoning attacks made easy☆526Feb 26, 2017Updated 9 years ago
- macOS 10.13.3 (17D47) Safari Wasm Exploit☆120Apr 19, 2018Updated 8 years ago
- ZIP File Raider - Burp Extension for ZIP File Payload Testing☆72Aug 31, 2020Updated 5 years ago
- Exploit code developed/reproduced by me☆89Jan 25, 2023Updated 3 years ago
- Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution☆396Oct 11, 2017Updated 8 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆628Feb 5, 2019Updated 7 years ago
- Script to test if a server is vulnerable to the JetLeak vulnerability☆144Jul 1, 2016Updated 9 years ago
- Interactive shellcoding environment to easily craft shellcodes☆911Feb 26, 2021Updated 5 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆259Aug 22, 2021Updated 4 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,045Nov 24, 2019Updated 6 years ago
- MSDAT: Microsoft SQL Database Attacking Tool☆995Aug 1, 2023Updated 2 years ago
- swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searc…☆531Jun 26, 2021Updated 4 years ago
- Tools for auditing WAFS☆468Nov 24, 2020Updated 5 years ago
- Remote Recon and Collection☆461Nov 23, 2017Updated 8 years ago
- Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.☆638Jul 16, 2023Updated 2 years ago