Demo of various ways to exploit post based reflected XSS
☆18Jul 6, 2023Updated 2 years ago
Alternatives and similar repositories for postBasedXSS
Users that are interested in postBasedXSS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Piper Burp Suite Extender plugin☆16Jan 15, 2026Updated 4 months ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated 2 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆57Oct 6, 2020Updated 5 years ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆43Apr 23, 2024Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆54Sep 14, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- KERnano: The No-install Python Pen Testing kit. (Windows & Linux)☆13Sep 2, 2022Updated 3 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆65Aug 9, 2023Updated 2 years ago
- Get all AD objects which are hidden from you☆18Aug 21, 2017Updated 8 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆62Jun 12, 2023Updated 2 years ago
- ☆16Jan 9, 2025Updated last year
- ☆45Sep 21, 2025Updated 8 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆11Sep 22, 2023Updated 2 years ago
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆40Feb 26, 2021Updated 5 years ago
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆76Jun 12, 2025Updated 11 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- POC Pdf-exploit builder on C#☆13Mar 1, 2024Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆14Feb 23, 2022Updated 4 years ago
- 致远OA通过发送特殊请求获取管理员cookie,再通过文件上传接口上传webshell压缩文件,最后发送解压请求获取webshell☆10Apr 11, 2021Updated 5 years ago
- ☆20Mar 7, 2024Updated 2 years ago
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- Log4j_dos_CVE-2021-45105☆13Dec 19, 2021Updated 4 years ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Mar 7, 2024Updated 2 years ago
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆13Dec 29, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆30Nov 23, 2017Updated 8 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆291Nov 13, 2024Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆228May 22, 2023Updated 3 years ago
- [ACL 2025] LongSafety: Evaluating Long-Context Safety of Large Language Models☆16Jun 18, 2025Updated 11 months ago
- Used to get NTLMv2 Hashes from SMB☆26Oct 24, 2024Updated last year
- In 'n Out - See what goes in and comes out of PEs☆35May 12, 2022Updated 4 years ago
- POC of CVE-2025-7783☆32Oct 31, 2025Updated 7 months ago
- JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the target…☆443Mar 28, 2026Updated 2 months ago
- The Frida Scripts Fetcher & Exploiter tool helps you search and use those scripts to exploit based on the provided search keyword.☆18Aug 5, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- ☆15Jun 27, 2020Updated 5 years ago
- Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments.☆45Oct 26, 2025Updated 7 months ago
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆25Jun 18, 2025Updated 11 months ago
- ☆93Sep 18, 2021Updated 4 years ago
- Recreate a Webpack project just by providing an URL.☆11Jan 4, 2023Updated 3 years ago
- An extension to use Semgrep inside Burp Suite.☆90May 23, 2025Updated last year
- FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application a…☆168Oct 28, 2025Updated 7 months ago