gh0st359 / xserumLinks
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more — with advanced obfuscation techniques and customizable output formats.
☆18Updated 2 months ago
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆49Updated 3 months ago
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts.☆41Updated this week
- C2 writen in Rust & Go powered by Tor network.☆82Updated this week
- Lifetime AMSI bypass.☆35Updated 2 months ago
- A script to automate keystrokes through a graphical desktop program.☆35Updated 2 weeks ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆76Updated 7 months ago
- Vast.ai Password Kracking☆69Updated last week
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆19Updated 5 months ago
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆85Updated 3 months ago
- Advanced phishing tool, browser-based data capture, and realistic login page emulation.☆1Updated 2 weeks ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆106Updated last year
- Situational Awareness script to identify how and where to run implants☆52Updated 6 months ago
- A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its mini…☆57Updated last month
- quick and dirty proof-of-concept to hide shells in images☆50Updated last year
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆51Updated 3 months ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Updated 8 months ago
- The following code when compiled in go takes a domain name as an argument and outputs an HTML file with Google Search links for various d…☆13Updated 9 months ago
- Persist like a Dodder☆61Updated last month
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆19Updated 4 months ago
- UAC Bypass using CMSTP in Rust☆27Updated 6 months ago
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆34Updated 7 months ago
- Repo for all my exploits/PoCs☆51Updated last month
- Living off the land searches for explorer and sharepoint☆87Updated 2 months ago
- Create a private Discord CTI "Dashboard" using various Discord bots It,'s a simple and effective way to stay informed and up-to-date on t…☆16Updated 2 years ago
- ☆109Updated 3 weeks ago
- A repo of scripts I find helpful for daily tasks.☆29Updated last year
- Automated Evilginx phishlet creator Extension for Burpsuite☆52Updated 5 months ago
- Deathstar is an Empire plugin that automates gaining Domain and/or Enterprise Admin rights in Active Directory environments using common …☆19Updated 3 months ago
- CaptainCredz is a modular and discreet password-spraying tool.☆114Updated 3 weeks ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆84Updated 3 months ago