mastomii / nexssLinks
NeXSS is a modern, self-hosted Blind XSS (Cross-Site Scripting) hunter and callback listener built with Next.js. It helps security researchers and penetration testers discover and validate blind XSS vulnerabilities by capturing detailed information when payloads execute on target systems.
β20Updated last week
Alternatives and similar repositories for nexss
Users that are interested in nexss are comparing it to the libraries listed below
Sorting:
- Resources for Mobile Application Testing πβ72Updated last year
- A tool for inspecting and analyzing mobile application storage files.β49Updated 7 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.β38Updated 8 months ago
- β95Updated 9 months ago
- β47Updated 10 months ago
- Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdomaβ¦β53Updated this week
- β41Updated last year
- β41Updated 2 years ago
- Unwaf is a Go tool designed to help identify WAF bypasses using passive techniques, such as: SPF records and DNS history. By default, Unwβ¦β98Updated 6 months ago
- Ultimate Tasks Automation Framework for Hackers, DevSecOps, Pentesters, and Bug-bounty hunters!β154Updated 3 months ago
- Cyber Security Awareness Framework (CSAF)β100Updated last week
- Advanced CORS Header Checker Tool with Vulnerability Detection and Bypass Attemptsβ65Updated 7 months ago
- A standalone collection of widely used technologies with default credentials enabled, which can be utilized for establishing an initial fβ¦β20Updated last year
- Morgan is a powerful tool designed to help security researchers, developers, and security auditors identify sensitive information, vulnerβ¦β56Updated 11 months ago
- A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS APIβ75Updated 11 months ago
- Google maps api key checker for pentesting purposeβ28Updated 3 years ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the examβ41Updated 2 years ago
- β78Updated 7 months ago
- A fast subdomain takeover toolβ85Updated 2 years ago
- An Incredibly Annoying, Insufferable Authentication Implementationβ31Updated last year
- DomainTrail is a fast subdomain enumeration tool that uses effective passive and active techniques.β41Updated last year
- β15Updated 3 years ago
- β21Updated 9 months ago
- ngrok Collaborator Link β yet another Burp Collaborator alternative for free with ngrok.β113Updated 2 years ago
- SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations by scanning for known patterns in decompiled codeβ¦β48Updated 4 months ago
- AI/LLM local model integration for analysis of reconftw resultsβ86Updated 8 months ago
- β31Updated 8 months ago
- Search for all leaked keys/secrets using one regex! bugbountyβ169Updated 9 months ago
- Zzl is a reconnaissance tool that collects subdomains from SSL certificates in IP rangesβ45Updated last year
- This script automates SQL injection testing using SQLMap with AI-powered decision making.β29Updated 6 months ago