gh0st359 / xserumLinks
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more β with advanced obfuscation techniques and customizable output formats.
β21Updated 4 months ago
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- π An up-to-date collection of precompiled binaries and hacking scripts.β42Updated last month
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filterβ106Updated last year
- quick and dirty proof-of-concept to hide shells in imagesβ50Updated last year
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkitβ94Updated last year
- C2 writen in Rust & Go powered by Tor network.β131Updated 3 weeks ago
- Vast.ai Password Krackingβ84Updated 2 months ago
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filtersβ117Updated 5 months ago
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishingβ49Updated 5 months ago
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails cβ¦β167Updated 10 months ago
- MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdomaβ¦β81Updated 3 months ago
- Gain another host's network access permissions by establishing a stateful connection with a spoofed source IPβ81Updated 3 months ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hashβ51Updated 10 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatinβ¦β114Updated 7 months ago
- β78Updated last year
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts.β120Updated last year
- Youtube as C2 channel - Control Windows systems uploading QR videos to Youtubeβ91Updated last year
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine withβ¦β77Updated 9 months ago
- The following code when compiled in go takes a domain name as an argument and outputs an HTML file with Google Search links for various dβ¦β14Updated 11 months ago
- Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve cliβ¦β80Updated 11 months ago
- βοΈ HTML Smuggling generator&obfuscator for your Red Team operationsβ163Updated last year
- Script to perform some hashcracking logic automagicallyβ73Updated last week
- EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.β87Updated 11 months ago
- Lifetime AMSI bypass.β35Updated 4 months ago
- A small executable to trick a user to authenticate using code matching MFAβ69Updated last year
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), aβ¦β52Updated 5 months ago
- Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if yβ¦β100Updated 2 years ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.β130Updated 7 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflowsβ42Updated 4 months ago
- hiding in plain sight: part 2β45Updated last year
- A new AiTM attack framework β based on leveraging service workers β designed to conduct credential phishing campaigns. Thanks to its miniβ¦β66Updated 3 weeks ago