gh0st359 / xserumLinks
XSerum is a powerful web attack payload generator designed for red teamers, ethical hackers, and researchers. It supports a wide range of attack types including XSS, CSRF, HTML Injection, CSP Bypass, and more — with advanced obfuscation techniques and customizable output formats.
☆21Updated 5 months ago
Alternatives and similar repositories for xserum
Users that are interested in xserum are comparing it to the libraries listed below
Sorting:
- payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter☆107Updated last year
- Weaponized EvilnoVNC: Scalable and semi-automated MFA-Phishing☆51Updated 7 months ago
- 🎒 An up-to-date collection of precompiled binaries and hacking scripts.☆43Updated last week
- Vast.ai Password Kracking☆86Updated 3 months ago
- A BYOSI (Bring-Your-Own-Script-Interpreter) Rapid Payload Deployment Toolkit☆94Updated last year
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆70Updated last month
- quick and dirty proof-of-concept to hide shells in images☆50Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆166Updated last year
- smugglo - an easy to use script for wrapping files into self-dropping HTML payloads to bypass content filters☆123Updated 6 months ago
- ACEshark is a utility designed for rapid extraction and analysis of Windows service configurations and Access Control Entries, eliminatin…☆115Updated 8 months ago
- Fully automated windows credentials dumper, for SAM (classic passwords) and WINHELLO (pins). Requires to be run from a linux machine with…☆77Updated 10 months ago
- ☆21Updated 7 months ago
- SprayShark is a modular G-Suite password sprayer with threading!☆52Updated 4 months ago
- Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve cli…☆78Updated last year
- Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…☆99Updated 2 years ago
- ☆78Updated last year
- MailFail identifies and provides commands to exploit a large number of email-related misconfigurations for the current domain and subdoma…☆84Updated last month
- Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts.☆121Updated last year
- A powershell module for hiding payloads in the pixels of images☆79Updated last year
- EyeSpy is a PowerShell tool for finding IP Cameras and spraying credentials at the underlying RTSP streams if present.☆88Updated last year
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆87Updated 7 months ago
- Protection against HTML smuggling attacks.☆99Updated 3 months ago
- macos stealer poc☆124Updated 2 months ago
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆43Updated 3 months ago
- Modular framework for automating triaging, malware analysis, and analyst workflows☆41Updated 5 months ago
- APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…☆52Updated 7 months ago
- Inboxfuscation is an advanced offensive & defensive framework for mailbox rule obfuscation and detection in Exchange environments.☆75Updated last month
- The tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.☆61Updated last year
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆83Updated last month
- Deploy a phishing infrastructure on the fly.☆75Updated 9 months ago