humblelad / Awesome-XSS-Payloads

Related projects: ⓘ

• roottusk / xforwardy
  Host Header Injection Scanner
  ☆44Updated 3 years ago
• emadshanab / 971-MB-content_discovery_wordlist
  Collection of content discovery wordlists in one wordlist.
  ☆37Updated 2 years ago
• shelld3v / flydns
  Related subdomains finder
  ☆29Updated 2 years ago
• KarimPwnz / waybacked
  Get URLs from the Wayback Machine. Able to handle large outputs.
  ☆23Updated last year
• Anof-cyber / web-recon
  Web application recon for bug bounty
  ☆20Updated 4 years ago
• romainricard / burp-headsup
  Toggle Burp proxy from anywhere and get its status in i3wm
  ☆21Updated 2 weeks ago
• Josue87 / roboxtractor
  Extract endpoints marked as disallow in robots files to generate wordlists.
  ☆53Updated 2 years ago
• m8sec / SubWalker
  Simultaneously execute various subdomain enumeration tools and aggregate results.
  ☆38Updated 3 months ago
• evanRubinsteinIT / BugBounty-Oneliners
  ☆24Updated this week
• Sachin-v3rma / hactivity
  A Tool to find subdomains from hackerone reports.
  ☆16Updated 3 years ago
• Knowledge-Wisdom-Understanding / Auto-Recon
  Information-Gathering Shell Script
  ☆28Updated 3 years ago
• iustin24 / rextract
  CLI tool that extracts a regex pattern from a list of urls ( Rust )
  ☆56Updated 2 years ago
• redhuntlabs / Log4JHunt
  An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability.
  ☆43Updated 2 years ago
• R0X4R / scvault
  Custom scripts for directory fuzzing, subdomain enumeration, and more.
  ☆43Updated 2 years ago
• AlfredBerg / dnsline
  Tool for making it easy to collect dns results from the CLI
  ☆39Updated last month
• ethicalhackingplayground / crlfmap
  CRLFMap is a tool to find HTTP Splitting vulnerabilities
  ☆25Updated 4 years ago
• gwen001 / favicon-hashtrick
  Python script implementing the favicon hash trick to find subdomains.
  ☆26Updated last year
• Xib3rR4dAr / WannaRace
  WebApp intentionally made vulnerable to Race Condition for practicing Race Condition
  ☆22Updated 2 years ago
• geeknik / nuclei-template-generator
  A simple tool which makes creating nuclei templates even easier.
  ☆35Updated 2 months ago
• ihebski / db
  Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]
  ☆28Updated 3 years ago
• PortSwigger / wordlist-extractor
  ☆21Updated 6 years ago
• HJ23 / Raptor
  Passive subdomain enumeration tool with http-probe.
  ☆33Updated 3 years ago
• HACKE-RC / RPCScan
  ☆30Updated this week
• MantisSTS / GoCloud
  Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare
  ☆55Updated last year
• dwisiswant0 / nodep
  A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.
  ☆27Updated 2 years ago
• nikhil1232 / Bucket-Flaws
  Bucket Flaws ( S3 Bucket Mass Scanner ): A Simple Lightweight Script to Check for Common S3 Bucket Misconfigurations
  ☆55Updated 4 years ago
• hahwul / ws-smuggler
  WebSocket Connection Smuggler
  ☆45Updated last year
• streaak / hacks
  Small snippets and scripts which I use
  ☆33Updated 4 years ago
• hacker50120 / CasperEye
  Advanced Recon Tool
  ☆26Updated 4 years ago
• zeronine9 / Blind_SPOT
  Blind spot is a python tool for blind injection vulnerabilities , SQLi time based , Command injection , code injection , SSTI
  ☆27Updated 3 years ago