luisfontes19 / xxexploiter
Tool to help exploit XXE vulnerabilities
☆542Updated last year
Related projects ⓘ
Alternatives and complementary repositories for xxexploiter
- Local file inclusion exploitation tool☆793Updated last year
- Fetches javascript file from a list of URLS or subdomains.☆740Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects☆946Updated 2 years ago
- Automation for javascript recon in bug bounty.☆901Updated last year
- This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack☆671Updated last year
- Web App bug hunting☆553Updated 5 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,680Updated 6 months ago
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆374Updated last year
- HTTP file upload scanner for Burp Proxy☆483Updated 10 months ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆804Updated 2 years ago
- A fast DOM based XSS vulnerability scanner with simplicity.☆771Updated 2 years ago
- CSRF Scanner☆550Updated 4 months ago
- ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )☆683Updated last year
- Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security prof…☆412Updated 3 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆614Updated 9 months ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆527Updated 9 months ago
- A fuzzer for detecting open redirect vulnerabilities☆713Updated 4 months ago
- Heuristic Vulnerable Parameter Scanner☆572Updated 10 months ago
- Open Redirect Payloads☆583Updated last month
- HTTP file upload scanner for Burp Proxy☆397Updated last year
- 🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast c…☆763Updated 6 months ago
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆524Updated 6 years ago
- This repository contains all the supplement material for the book "The art of sub-domain enumeration"☆639Updated 5 years ago
- A tool to check a bunch of URLs that contain reflecting params.☆539Updated 3 months ago
- Making Favicon.ico based Recon Great again !☆1,128Updated last year
- Quick SQLMap Tamper Suggester☆1,347Updated 2 years ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆936Updated 4 months ago
- Generates combination of domain names from the provided input.☆901Updated 5 months ago
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆696Updated last year
- 🎯 RFI/LFI Payload List☆538Updated 4 months ago