Sample code for exfiltrating data through an XSS vulnerability. XSS Payload retrieves sensitive data in victim's browser, then breaks it into chunks. Sends those chunks out as image requests (data in image filename). Example commands and python script to put the original data back together.
☆21May 11, 2021Updated 4 years ago
Alternatives and similar repositories for XSS-Data-Exfil
Users that are interested in XSS-Data-Exfil are comparing it to the libraries listed below
Sorting:
- 🚀 Sling Shot R3con: Automate Your Bug Bounty and Pentest Reconnaissance with Project Discovery tools 🎯☆25Sep 21, 2023Updated 2 years ago
- ☆16Feb 7, 2025Updated last year
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated last year
- A python script for automating the collection of web pages with Hunchly.☆11Jan 11, 2021Updated 5 years ago
- A detailed guide to setting up a QEMU/KVM for gaming.☆13Nov 24, 2023Updated 2 years ago
- Les réflexions menées au cours du 404CTF 2023 pour résoudre les challenges proposés☆10Dec 16, 2023Updated 2 years ago
- The OWASP Testing Guide v4.2 Checlist [2023]☆13Jan 15, 2023Updated 3 years ago
- Resolve Skype accounts by phone number with API interface☆13Jul 16, 2023Updated 2 years ago
- IP-Finder is an Open Source Intelligence (OSINT) tool that helps collect IPs of Companies, Servers, Operating Systems and much more. It a…☆15May 2, 2022Updated 3 years ago
- Gathering All Nuclei Fuzzing Templates in a Single Repo.☆11Apr 23, 2024Updated last year
- Get notified instantly when your users of interest speak about something.☆10Mar 24, 2020Updated 5 years ago
- ☆13Oct 14, 2016Updated 9 years ago
- An OSINT tool to find data leaks on a targeted website☆17Mar 30, 2021Updated 4 years ago
- For finding secrets, tokens and other common mistakes made by developers.☆12Oct 21, 2025Updated 4 months ago
- ☆14Sep 1, 2024Updated last year
- Useful scripts for tampermonkey that I used during bug hunting. Will be updated "au fil de l'eau"☆17Jun 2, 2025Updated 9 months ago
- ☆10Nov 26, 2024Updated last year
- Update the IP address of a given domain using cPanel 2 API☆13Dec 3, 2018Updated 7 years ago
- This project includes a Python script for fine-tuning a text-to-speech (TTS) model. The script utilizes custom datasets and use CUDA for …☆13Oct 4, 2024Updated last year
- An open-source knowledge base for security researchers.☆18Jan 8, 2025Updated last year
- A very poor and very simple local face recognition search engine☆18Mar 23, 2024Updated last year
- pArAnoIA - Tiny "Secure" Browser☆12Nov 2, 2024Updated last year
- Accompanying material needed for the workshop☆11Jun 14, 2023Updated 2 years ago
- certstream + analytics☆11Jan 17, 2020Updated 6 years ago
- Gets Ads from the Facebook Ads Library☆12Jul 2, 2023Updated 2 years ago
- Identify vulnerabilities in your API's using the OpenAPI Security Scanner☆12Dec 6, 2018Updated 7 years ago
- A simple tool to convert network traffic directly into sound.☆14Aug 29, 2023Updated 2 years ago
- The PhoneNumberParser node is a useful tool for working with phone numbers in your n8n workflows☆14Jan 5, 2026Updated 2 months ago
- Passive subdomains and web directories recon using Bing.☆13Apr 30, 2018Updated 7 years ago
- Simple checker for ok.ru partial private data disclosure☆13Oct 5, 2023Updated 2 years ago
- A simple script to check for insecurely exposed git repositories.☆12Mar 17, 2019Updated 6 years ago
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- ☆11Sep 3, 2023Updated 2 years ago
- A framework to kickstart yourself in making malicious USB devices using ATTiny85.☆14Jun 11, 2025Updated 8 months ago
- A Multi-Threaded PE Export Collection Utility☆14May 13, 2023Updated 2 years ago
- A certificate generator/manager for the WiFi Pineapple NANO and TETRA☆12Jul 18, 2020Updated 5 years ago
- Discovery will gather DNS entry, subdomains and domains linked, all files publicly exposed to gather metadatas, check for dumps on Pasteb…☆14Mar 18, 2019Updated 6 years ago
- Get acquisitions by scraping titles of crunchbase.☆15Dec 18, 2024Updated last year
- DataReaper is a powerful Python tool designed to harvest data from publicly accessible HTTP servers. It combines the capabilities of Shod…☆13Jan 29, 2026Updated last month