gh0st359 / xserumLinks
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more — with advanced obfuscation techniques and customizable output formats.
☆21Updated 6 months ago
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆107Updated last year
- quick and dirty proof-of-concept to hide shells in images☆51Updated last year
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts.☆43Updated last month
- Vast.ai Password Kracking☆87Updated last week
- Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve cli…☆79Updated last year
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆51Updated 7 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆125Updated 7 months ago
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆111Updated last year
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆71Updated 2 months ago
- The following code when compiled in go takes a domain name as an argument and outputs an HTML file with Google Search links for various d…☆15Updated last year
- MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdoma…☆84Updated 2 months ago
- A script to automate keystrokes through a graphical desktop program.☆34Updated 4 months ago
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts.☆122Updated last year
- ☆78Updated last year
- EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.☆89Updated last year
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Updated last year
- ✉️ HTML Smuggling generator&obfuscator for your Red Team operations☆167Updated last year
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆78Updated 11 months ago
- Script to perform some hashcracking logic automagically☆76Updated 2 months ago
- This script analyzes the DCSync output file from several tools (such as Mimikatz, Secretsdump and SharpKatz...)☆62Updated 7 months ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆61Updated last year
- Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.☆65Updated last year
- Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…☆99Updated 2 years ago
- A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its mini…☆129Updated 2 months ago
- A small executable to trick a user to authenticate using code matching MFA☆69Updated 2 years ago
- Lifetime AMSI bypass.☆35Updated 6 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆117Updated 9 months ago
- GrizzlyTunnel is a automation script designed to create seamless Layer 3 VPN like tunnels over SSH.☆26Updated 10 months ago
- ☆21Updated 7 months ago