dxa4481 / cssInjection
Stealing CSRF tokens with CSS injection (without iFrames)
☆318Updated 6 years ago
Alternatives and similar repositories for cssInjection:
Users that are interested in cssInjection are comparing it to the libraries listed below
- Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.☆355Updated 2 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆226Updated 6 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆130Updated 7 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆383Updated 4 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆164Updated last year
- Local Privilege Escalation☆205Updated 7 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆273Updated 3 years ago
- DNS Rebinding Exploitation Framework☆488Updated 3 years ago
- Fierce.pl Domain Scanner☆296Updated 5 years ago
- Use your Shodan API Key to dump all the contents of exposed memcached servers.☆142Updated 6 years ago
- [depreciated] Terminal dashboard for bug bounty hunters that use HackerOne and Bugcrowd☆190Updated 8 years ago
- Nameserver DNS poisoning attacks made easy☆516Updated 7 years ago
- An automated XSS payload generator written in python.☆319Updated 8 years ago
- A tool to find and exploit servers vulnerable to Shellshock☆334Updated last year
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141Updated 7 years ago
- Fast subdomains enumeration tool for penetration testers☆117Updated 5 years ago
- Shodan HQ nmap plugin - passively scan targets☆152Updated 8 years ago
- Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution☆391Updated 7 years ago
- ☆206Updated 3 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆466Updated 5 years ago
- "Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protecti…☆135Updated 7 years ago
- You're a #pentester and you totally pwn that linux box, congrats! Now what? You can launch gimmecredz.sh which will try to extract all p…☆168Updated 5 years ago
- Probe a rendering engine for vulnerabilities and other features☆366Updated 3 years ago
- a CLI for ephemeral penetration testing☆8Updated 5 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆384Updated 6 years ago
- Chrome < 62 uxss exploit (CVE-2017-5124)☆161Updated 7 years ago
- An exploit for Apache Struts CVE-2017-9805☆249Updated 7 years ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆570Updated 7 years ago
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆491Updated 3 years ago
- This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…☆160Updated 3 years ago