Demo of various ways to exploit post based reflected XSS
☆18Jul 6, 2023Updated 2 years ago
Alternatives and similar repositories for postBasedXSS
Users that are interested in postBasedXSS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Piper Burp Suite Extender plugin☆16Jan 15, 2026Updated 3 months ago
- A Multi-Processing Tool for collecting and extracting information to an Excel file from a Burp Suite output file.☆10Apr 8, 2024Updated 2 years ago
- JavaScript functions intended to be used as an XSS payload against a WordPress admin account.☆56Oct 6, 2020Updated 5 years ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆43Apr 23, 2024Updated 2 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆54Sep 14, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- KERnano: The No-install Python Pen Testing kit. (Windows & Linux)☆13Sep 2, 2022Updated 3 years ago
- Mine URLs from Browser's Heap Snapshot for fun and profit☆65Aug 9, 2023Updated 2 years ago
- Get all AD objects which are hidden from you☆18Aug 21, 2017Updated 8 years ago
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆62Jun 12, 2023Updated 2 years ago
- ☆16Jan 9, 2025Updated last year
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆11Sep 22, 2023Updated 2 years ago
- Scans Slack for API tokens, credentials, passwords, and more using YARA rules☆40Feb 26, 2021Updated 5 years ago
- POC Pdf-exploit builder on C#☆13Mar 1, 2024Updated 2 years ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆143Jun 27, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- This Burp Suite extension enables the generation of shareable links to specific requests which other Burp Suite users can import.☆12May 20, 2022Updated 3 years ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆14Feb 23, 2022Updated 4 years ago
- 致远OA通过发送特殊请求获取管理员cookie,再通过文件上传接口上传webshell压缩文件,最后发送解压请求获取webshell☆10Apr 11, 2021Updated 5 years ago
- ☆20Mar 7, 2024Updated 2 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Feb 4, 2023Updated 3 years ago
- Oneliner Bug Bounty Collection collected from GitHub to all bug bounty hunters☆38Dec 12, 2023Updated 2 years ago
- Let's check if your target is vulnerable for client side prototype pollution.☆65Jan 9, 2024Updated 2 years ago
- Log4j_dos_CVE-2021-45105☆13Dec 19, 2021Updated 4 years ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Mar 7, 2024Updated 2 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- This extension redacts potentially sensitive header and parameter values from requests using Shannon Entropy analysis.☆13Dec 29, 2020Updated 5 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆29Nov 23, 2017Updated 8 years ago
- A Firefox Web Extension to improve the discovery of DOM XSS.☆291Nov 13, 2024Updated last year
- ☆10Feb 8, 2021Updated 5 years ago
- 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️☆229May 22, 2023Updated 2 years ago
- Used to get NTLMv2 Hashes from SMB☆24Oct 24, 2024Updated last year
- POC of CVE-2025-7783☆32Oct 31, 2025Updated 6 months ago
- Launch your SOC as fast as a rocket with only one command☆12Feb 17, 2025Updated last year
- Python 3 alternative command line interface for AWS Route 53; enables simple record management and dynamic DNS☆11Apr 24, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- The Frida Scripts Fetcher & Exploiter tool helps you search and use those scripts to exploit based on the provided search keyword.☆18Aug 5, 2023Updated 2 years ago
- ☆15Jun 27, 2020Updated 5 years ago
- Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments.☆45Oct 26, 2025Updated 6 months ago
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆27Jun 18, 2025Updated 10 months ago
- The following package is the standalone wordlist-only component to flask-unsign.☆43Jun 15, 2024Updated last year
- ☆95Sep 18, 2021Updated 4 years ago
- An extension to use Semgrep inside Burp Suite.☆88May 23, 2025Updated 11 months ago