This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.
☆86Dec 29, 2023Updated 2 years ago
Alternatives and similar repositories for XXElixir
Users that are interested in XXElixir are comparing it to the libraries listed below
Sorting:
- HuntersEye is designed for Bug Bounty Hunters, and Security Researchers to monitor new subdomains and certificates for specified domains.…☆21Dec 29, 2023Updated 2 years ago
- My own Custom nuclei templates☆26Dec 8, 2021Updated 4 years ago
- bounty collection☆41Sep 1, 2024Updated last year
- A simple Burp Suite extension to crawl JavaScript (JS) files in passive mode and display the results directly on the issues☆374Jul 25, 2023Updated 2 years ago
- Discover hidden debugging parameters and uncover web application secrets☆247Feb 4, 2026Updated 3 weeks ago
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…☆12Aug 26, 2024Updated last year
- A handy plugin for copying requests/responses directly from Burp, some extra magic included.☆13Oct 15, 2021Updated 4 years ago
- The utility aims to clean up output generated by popular tools by calculating a hash based on specific JSON values to removing junk data.☆16Apr 5, 2024Updated last year
- Tool to retrieve Config from Redline C2 servers☆16Mar 14, 2023Updated 2 years ago
- JS Finding can be used to extract JavaScript (JS) files from either a single domain URL or a list of domains. The tool supports various e…☆48Apr 29, 2024Updated last year
- ARP Spoofing Defender is a project designed to protect local networks from ARP Spoofing attacks. ARP Spoofing Defender provides mechanism…☆23Nov 24, 2025Updated 3 months ago
- Looks for parameters in urls☆34Oct 14, 2024Updated last year
- List of fresh and validated DNS resolvers updated every 12h.☆24Updated this week
- "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persist…☆91Jul 26, 2024Updated last year
- WebDirScan is a tool for brute-forcing URIs (directories and files) on web servers by taking input directory to scan for files & director…☆11Mar 31, 2023Updated 2 years ago
- A collection of js analysis tools & scripts.☆19Feb 13, 2026Updated 2 weeks ago
- ☆19Jun 26, 2017Updated 8 years ago
- Subdomain enumeration tool, asynchronous dns packets, use pcap to scan 1600,000 subdomains in 1 second修复内存溢出等bug☆14Nov 25, 2023Updated 2 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,290Aug 7, 2025Updated 6 months ago
- ☆35Aug 2, 2022Updated 3 years ago
- Automated HTTP Request Repeating With Burp Suite☆40Apr 3, 2023Updated 2 years ago
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆149Feb 21, 2024Updated 2 years ago
- Identify virtual hosts by similarity comparison☆137Aug 12, 2024Updated last year
- Hacking tool for enumeration and automated attacking. Port Scanner, Automatic SSH brute, DNS queries, IP and phonenumber geolocation☆14May 25, 2023Updated 2 years ago
- ☆15Apr 5, 2023Updated 2 years ago
- Cfd (Cloudflare detector) is a tool that allows you to check one or more domains to see if they are protected by CloudFlare or not. The c…☆17Mar 30, 2023Updated 2 years ago
- A high-performance domain scanner that discovers active domains by testing multiple Top-Level Domains (TLDs) for given domain names.☆30Oct 26, 2025Updated 4 months ago
- List of custom Nuclei templates☆16Nov 4, 2023Updated 2 years ago
- BurpSuite extension to convert requests into bcheck scripts☆33Jul 18, 2023Updated 2 years ago
- XSSMaze is a web service designed to test and improve the performance of security testing tools by providing various cases of XSS vulnera…☆31Feb 8, 2026Updated 2 weeks ago
- Automatic SQL injection and database takeover tool☆45Nov 27, 2025Updated 3 months ago
- A fast tool to scan SAAS,PAAS App written in Go☆84Feb 13, 2023Updated 3 years ago
- A repo containing some tooling build to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- Burp extension to fuzz/brute force GenAI/LLM prompts using a list of various payloads.☆29Sep 4, 2025Updated 5 months ago
- Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit☆18Jun 3, 2024Updated last year
- GATOR - GCP Attack Toolkit for Offensive Research, a tool designed to aid in research and exploiting Google Cloud Environments☆89Jun 22, 2024Updated last year
- time-based user enum via Basic Auth in Azure against Autodiscover☆33Oct 3, 2024Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆750Dec 19, 2023Updated 2 years ago
- Private vulnerability testing suite☆13Mar 30, 2021Updated 4 years ago