gh0st359 / xserumLinks
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more — with advanced obfuscation techniques and customizable output formats.
☆20Updated 3 months ago
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆49Updated 5 months ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆106Updated last year
- Vast.ai Password Kracking☆80Updated last month
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts.☆41Updated last week
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆91Updated last year
- quick and dirty proof-of-concept to hide shells in images☆50Updated last year
- Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve cli…☆78Updated 10 months ago
- MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdoma…☆77Updated 2 months ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts.☆121Updated last year
- A script to automate keystrokes through a graphical desktop program.☆35Updated 2 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆113Updated 6 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆167Updated 10 months ago
- EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.☆86Updated 10 months ago
- A powershell module for hiding payloads in the pixels of images☆65Updated last year
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆77Updated 8 months ago
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆88Updated 4 months ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Updated 10 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆57Updated this week
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆39Updated last month
- Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.☆39Updated 3 months ago
- Slides and videos from talks given at cons☆24Updated last month
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆62Updated 11 months ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆85Updated 5 months ago
- Script to perform some hashcracking logic automagically☆73Updated last year
- Lifetime AMSI bypass.☆35Updated 3 months ago
- The following code when compiled in go takes a domain name as an argument and outputs an HTML file with Google Search links for various d…☆14Updated 11 months ago
- C2 writen in Rust & Go powered by Tor network.☆125Updated 3 weeks ago
- A repository preserving darknet market data, including vendor lists, PGP keys, listings, and more for research & intelligence purposes.☆42Updated last month
- A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its mini…☆64Updated last week
- A small executable to trick a user to authenticate using code matching MFA☆69Updated last year