dxa4481 / cssInjection
Stealing CSRF tokens with CSS injection (without iFrames)
☆320Updated 7 years ago
Alternatives and similar repositories for cssInjection:
Users that are interested in cssInjection are comparing it to the libraries listed below
- A Burp Suite content discovery plugin that add the smart into the Buster!☆383Updated 4 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆166Updated last year
- DNS Rebinding Exploitation Framework☆488Updated 3 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆275Updated 4 years ago
- Fast subdomains enumeration tool for penetration testers☆117Updated 6 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆227Updated 6 years ago
- Local Privilege Escalation☆206Updated 8 years ago
- Use your Shodan API Key to dump all the contents of exposed memcached servers.☆142Updated 7 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆493Updated 3 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141Updated 7 years ago
- ☆326Updated 7 years ago
- Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.☆356Updated 2 years ago
- ☆206Updated 4 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆220Updated 3 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆132Updated 8 years ago
- [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd☆191Updated 9 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆254Updated 9 months ago
- Various Tools and Docker Images☆279Updated 6 years ago
- An extremely fast and flexible web fuzzer☆217Updated 2 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆468Updated 5 years ago
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆642Updated 3 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆257Updated 3 years ago
- You're a #pentester and you totally pwn that linux box, congrats! Now what? You can launch gimmecredz.sh which will try to extract all p…☆169Updated 5 years ago
- ⚠️WARNING: This project now become part of https://github.com/j3ssie/Metabigor project☆176Updated 5 years ago
- A project designed to parse public source code repositories and find various types of vulnerabilities.☆191Updated 7 years ago
- Shodan HQ nmap plugin - passively scan targets☆153Updated 9 years ago
- Probe a rendering engine for vulnerabilities and other features☆367Updated 3 years ago
- Pillage web accessible GIT, HG and BZR repositories☆316Updated 8 years ago
- An exploit for Apache Struts CVE-2018-11776☆301Updated 6 years ago
- Burp-Automator: A Burp Suite Automation Tool with Slack Integration. It can be used with Jenkins and Selenium to automate Dynamic Applica…☆481Updated 6 years ago