XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
☆317Jun 1, 2022Updated 3 years ago
Alternatives and similar repositories for XSScope
Users that are interested in XSScope are comparing it to the libraries listed below
Sorting:
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆69Aug 18, 2020Updated 5 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago
- A one liner Bash command which finds CORS in every possible endpoint.☆149Jan 1, 2021Updated 5 years ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆970Dec 8, 2021Updated 4 years ago
- Automation for javascript recon in bug bounty.☆1,069Sep 9, 2023Updated 2 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆72Mar 12, 2022Updated 3 years ago
- A fast DOM based XSS vulnerability scanner with simplicity.☆855Sep 30, 2022Updated 3 years ago
- Automating XSS using Bash☆362Jan 27, 2026Updated last month
- ☆159Jan 7, 2022Updated 4 years ago
- R3C0Nizer is the first ever CLI based menu-driven web application B-Tier recon framework.☆152Apr 2, 2021Updated 4 years ago
- 🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.☆426Feb 20, 2026Updated 2 weeks ago
- Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for m…☆705Oct 29, 2021Updated 4 years ago
- An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…☆802Jul 4, 2023Updated 2 years ago
- XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…☆350Jun 17, 2023Updated 2 years ago
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load☆296Sep 22, 2024Updated last year
- A cheat sheet that contains advanced queries for SQL Injection of all types.☆3,154May 13, 2023Updated 2 years ago
- Jeeves SQLI Finder☆215May 13, 2022Updated 3 years ago
- Zero Infrastructure Password Cracking☆416Aug 22, 2024Updated last year
- Making Favicon.ico based Recon Great again !☆1,268Aug 29, 2023Updated 2 years ago
- Smart context-based SSRF vulnerability scanner.☆360May 5, 2022Updated 3 years ago
- A python tool to check subdomain takeover vulnerability☆342Jan 6, 2023Updated 3 years ago
- Reconnaissance tool which scans javascript files for subdomains and then iterates over all javascript files hosted on subsequent subdomai…☆223Jul 10, 2020Updated 5 years ago
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆417Nov 24, 2020Updated 5 years ago
- CRLF and open redirect fuzzer☆112Aug 31, 2021Updated 4 years ago
- ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )☆686Updated this week
- Automation Recon tool which works with Large & Medium scopes. It performs a lot of tasks and gets back all the results in separated files…☆684Jul 15, 2024Updated last year
- Open Redirection Analyzer☆813Mar 5, 2023Updated 3 years ago
- Bucky (An automatic S3 bucket discovery tool)☆198Jan 6, 2022Updated 4 years ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Mar 7, 2021Updated 5 years ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens…☆5,223Jan 31, 2026Updated last month
- Self-developed tools for Lateral Movement/Code Execution☆718Aug 17, 2021Updated 4 years ago
- ☆436Jun 1, 2021Updated 4 years ago
- automated web assets enumeration & scanning [DEPRECATED]☆288Mar 7, 2023Updated 3 years ago
- Enumerate AD through LDAP with a collection of helpfull scripts being bundled☆144Feb 19, 2026Updated 2 weeks ago
- XSS Finder Via SSTI☆56Sep 14, 2023Updated 2 years ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,803Sep 17, 2024Updated last year
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆3,012Jun 24, 2024Updated last year
- ☆59Apr 8, 2021Updated 4 years ago
- XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具☆270Aug 20, 2020Updated 5 years ago