Demo of various ways to exploit post based reflected XSS
☆18Jul 6, 2023Updated 2 years ago
Alternatives and similar repositories for postBasedXSS
Users that are interested in postBasedXSS are comparing it to the libraries listed below
Sorting:
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated last year
- KERnano: The No-install Python Pen Testing kit. (Windows & Linux)☆13Sep 2, 2022Updated 3 years ago
- Piper Burp Suite Extender plugin☆16Jan 15, 2026Updated last month
- POC Pdf-exploit builder on C#☆13Mar 1, 2024Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Sep 14, 2023Updated 2 years ago
- This tool allows you to run programs as another user from the Windows command line. Example usage is if you have a low privilege shell an…☆21Apr 4, 2022Updated 3 years ago
- Used to get NTLMv2 Hashes from SMB☆23Oct 24, 2024Updated last year
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆43Apr 23, 2024Updated last year
- ☆19Dec 1, 2025Updated 3 months ago
- Get all AD objects which are hidden from you☆18Aug 21, 2017Updated 8 years ago
- Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments.☆46Oct 26, 2025Updated 4 months ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Feb 4, 2023Updated 3 years ago
- c99 shell , c99 shell download, c99 shell txt , c99shell☆26Jul 24, 2022Updated 3 years ago
- Caterpillar is a security scanning library for AI agent skill files (e.g., Claude Code skills) for dangerous or malicious behavior☆32Feb 16, 2026Updated 2 weeks ago
- Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leak…☆96Aug 9, 2024Updated last year
- Hidden input parameters finder☆19Jul 10, 2023Updated 2 years ago
- ☆39Sep 21, 2025Updated 5 months ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆26Nov 23, 2017Updated 8 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆56Oct 6, 2020Updated 5 years ago
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆27Jun 18, 2025Updated 8 months ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆64Aug 9, 2023Updated 2 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆61Jun 12, 2023Updated 2 years ago
- my own 2fa bypass methodolgy☆28Sep 22, 2023Updated 2 years ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Mar 7, 2024Updated last year
- Unauthorized Access to Metadata and User Data like CTF☆28Nov 30, 2024Updated last year
- Compilation of scripts/tools (made by me or not) that help me with Pentest and Bug Bounty.☆26Dec 22, 2025Updated 2 months ago
- ☆28Jan 6, 2024Updated 2 years ago
- bash script for automating subdomain enumeration process either passive or active☆29Updated this week
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆75Jun 12, 2025Updated 8 months ago
- Session Hijacking Visual Exploitation☆210Mar 7, 2024Updated last year
- Final assignment for the course Data Visualization with Python, part of IBM Data Science Professional Certification on Coursera☆11Jun 22, 2020Updated 5 years ago
- Launch your SOC as fast as a rocket with only one command☆12Feb 17, 2025Updated last year
- Oracle Database Penetration Testing Reference (10g/11g)☆40Jul 28, 2018Updated 7 years ago
- Some simple scripts that I use during bug bounty hunting in Android Apps☆28Jan 30, 2025Updated last year
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆31Dec 26, 2023Updated 2 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆288Nov 13, 2024Updated last year
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆227May 22, 2023Updated 2 years ago
- ☆79Mar 26, 2024Updated last year