gh0st359 / xserum
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more — with advanced obfuscation techniques and customizable output formats.
☆14Updated last month
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- Lifetime AMSI bypass.☆35Updated 3 weeks ago
- Python3 utility for creating zip files that smuggle additional data for later extraction☆118Updated this week
- Go ransomware leveraging ChaCha20 and ECIES encryption with a web-based control panel.☆30Updated 2 weeks ago
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts.☆41Updated 3 months ago
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆48Updated 2 months ago
- ☆58Updated 7 months ago
- A script to automate keystrokes through a graphical desktop program.☆35Updated 3 months ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆75Updated 5 months ago
- A small executable to trick a user to authenticate using code matching MFA☆69Updated last year
- Situational Awareness script to identify how and where to run implants☆49Updated 5 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated last month
- A C2 framework built for my bachelors thesis☆55Updated 6 months ago
- Persist like a Dodder☆33Updated this week
- Automated Evilginx phishlet creator Extension for Burpsuite☆50Updated 4 months ago
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆19Updated 2 months ago
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆95Updated last year
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆81Updated last month
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆82Updated 2 months ago
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆61Updated 8 months ago
- Repo for all my exploits/PoCs☆50Updated last week
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆110Updated 4 months ago
- POC for CVE-2024-3183 (FreeIPA Rosting)☆21Updated 8 months ago
- Inject RDPThief into memory with PowerShell.☆63Updated 3 months ago
- quick and dirty proof-of-concept to hide shells in images☆50Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆89Updated 2 weeks ago
- Explore and filter your GitHub starred repositories☆27Updated last year
- Deploy a phishing infrastructure on the fly.☆68Updated 4 months ago
- A tool to dump users's .plist on a Mac OS system and to convert them into a crackable hash☆51Updated 7 months ago
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆44Updated last year
- PowerShell script to generate ShellCode in various formats☆41Updated 7 months ago