Stealing CSRF tokens with CSS injection (without iFrames)
☆324Feb 7, 2018Updated 8 years ago
Alternatives and similar repositories for cssInjection
Users that are interested in cssInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Burp Suite plugin created for using Collaborator tool during manual testing in a comfortable way!☆103Jun 1, 2018Updated 8 years ago
- ☆334Jan 8, 2018Updated 8 years ago
- XSS in pastebin.com and reddit.com via unsanitized markdown output☆88Apr 24, 2018Updated 8 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- Windows passwords decryption from dump files☆516Feb 2, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Abusing Self-XSS and Clickjacking to trigger XSS☆136Mar 18, 2017Updated 9 years ago
- Tool written in python3 to determine where the AV signature is located in a binary/payload☆315Mar 24, 2018Updated 8 years ago
- Automated reconnaissance wrapper — TomNomNom's meg on steroids. [DEPRECATED]☆305Oct 14, 2018Updated 7 years ago
- A tiny and cute URL fuzzer☆403Nov 10, 2022Updated 3 years ago
- ☆28Oct 16, 2017Updated 8 years ago
- ☆163Dec 7, 2017Updated 8 years ago
- RFD Checker - security CLI tool to test Reflected File Download issues☆64Feb 26, 2019Updated 7 years ago
- Autoexploitation of some of the most common vulnerabilities in wild☆125Jun 22, 2018Updated 7 years ago
- Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid…☆85Sep 19, 2017Updated 8 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Phishing on Twitter☆255Jun 21, 2018Updated 7 years ago
- A toolset to track and organize output of reconnaissance tools☆347Jan 3, 2018Updated 8 years ago
- Chrome < 62 uxss exploit (CVE-2017-5124)☆160Nov 14, 2017Updated 8 years ago
- An example of obtaining RCE via Redis and CSRF☆76Sep 11, 2016Updated 9 years ago
- A collection of curated Java Deserialization Exploits☆593May 16, 2021Updated 5 years ago
- RedSails is a Python based post-exploitation project aimed at bypassing host based security monitoring and logging. DerbyCon 2017 Talk: h…☆307Oct 18, 2017Updated 8 years ago
- Find interesting Amazon S3 Buckets by watching certificate transparency logs.☆1,810Feb 28, 2025Updated last year
- SSRF (Server Side Request Forgery) testing resources☆2,498Oct 12, 2024Updated last year
- DNS Rebinding Exploitation Framework☆493Apr 27, 2021Updated 5 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Collection of social engineering payloads☆297Oct 19, 2017Updated 8 years ago
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains …☆224Dec 7, 2022Updated 3 years ago
- Nameserver DNS poisoning attacks made easy☆526Feb 26, 2017Updated 9 years ago
- macOS 10.13.3 (17D47) Safari Wasm Exploit☆120Apr 19, 2018Updated 8 years ago
- ZIP File Raider - Burp Extension for ZIP File Payload Testing☆73Aug 31, 2020Updated 5 years ago
- Exploit code developed/reproduced by me☆89Jan 25, 2023Updated 3 years ago
- Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution☆399Oct 11, 2017Updated 8 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆632Feb 5, 2019Updated 7 years ago
- Script to test if a server is vulnerable to the JetLeak vulnerability☆144Jul 1, 2016Updated 9 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Interactive shellcoding environment to easily craft shellcodes☆911Feb 26, 2021Updated 5 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆259Aug 22, 2021Updated 4 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,047Nov 24, 2019Updated 6 years ago
- MSDAT: Microsoft SQL Database Attacking Tool☆998Aug 1, 2023Updated 2 years ago
- swap_digger is a tool used to automate Linux swap analysis during post-exploitation or forensics. It automates swap extraction and searc…☆533Jun 26, 2021Updated 4 years ago
- Tools for auditing WAFS☆468Nov 24, 2020Updated 5 years ago
- Remote Recon and Collection☆461Nov 23, 2017Updated 8 years ago