dxa4481 / cssInjection
Stealing CSRF tokens with CSS injection (without iFrames)
☆318Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for cssInjection
- A Burp Suite content discovery plugin that add the smart into the Buster!☆383Updated 4 years ago
- Brosec - An interactive reference tool to help security professionals utilize useful payloads and commands.☆354Updated last year
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆270Updated 3 years ago
- Fast subdomains enumeration tool for penetration testers☆117Updated 5 years ago
- An automated XSS payload generator written in python.☆316Updated 8 years ago
- Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution☆390Updated 7 years ago
- Local Privilege Escalation☆203Updated 7 years ago
- ☆318Updated 6 years ago
- Abusing Self-XSS and Clickjacking to trigger XSS☆130Updated 7 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆253Updated 5 months ago
- A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)☆627Updated 2 years ago
- ☆207Updated 3 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆141Updated 7 years ago
- Burp Extender plugin that generates a sitemap of a website using Wayback Machine☆225Updated 6 years ago
- Probe a rendering engine for vulnerabilities and other features☆366Updated 3 years ago
- Pillage web accessible GIT, HG and BZR repositories☆314Updated 7 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆257Updated 3 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆163Updated last year
- DNS Rebinding Exploitation Framework☆482Updated 3 years ago
- Use your Shodan API Key to dump all the contents of exposed memcached servers.☆143Updated 6 years ago
- A tool to find and exploit servers vulnerable to Shellshock☆333Updated last year
- A collection of all the lists, scripts and techniques I use while doing web application penetration tests.☆168Updated 8 years ago
- This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…☆160Updated 2 years ago
- An exploit for Apache Struts CVE-2018-11776☆301Updated 6 years ago