mastomii / nexssView external linksLinks
NeXSS is a modern, self-hosted Blind XSS (Cross-Site Scripting) hunter and callback listener built with Next.js. It helps security researchers and penetration testers discover and validate blind XSS vulnerabilities by capturing detailed information when payloads execute on target systems.
☆30Jan 14, 2026Updated last month
Alternatives and similar repositories for nexss
Users that are interested in nexss are comparing it to the libraries listed below
Sorting:
- Multi-agent AI system using GPT-4o, DeepSeek v3, and Llama 3.3 to detect if CVE vulnerabilities were exploited as zero-days. Analyzes…☆19Aug 31, 2025Updated 5 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.☆38May 5, 2025Updated 9 months ago
- SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations by scanning for known patterns in decompiled code…☆63Sep 5, 2025Updated 5 months ago
- ☆26Mar 3, 2022Updated 3 years ago
- Sharing Knowledge "Hands On Scraping Data dengan kasus Analisis Sentimen pada Kebijakan Pemerintah"☆23May 28, 2025Updated 8 months ago
- Final assignment for the course Data Visualization with Python, part of IBM Data Science Professional Certification on Coursera☆11Jun 22, 2020Updated 5 years ago
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆31Dec 26, 2023Updated 2 years ago
- Collection of templates from various resources☆42Dec 5, 2025Updated 2 months ago
- 一款支持检测web应用程序未授权访问缺陷的burp suite插件,可自定义配置检测字段以及返回包json数据分析☆12Apr 22, 2024Updated last year
- A cheat sheet that contains common enumeration and attack methods for Mail Server.☆41Oct 18, 2022Updated 3 years ago
- Repo for OSWE related video content for @SecAura Youtube Channel☆37Feb 21, 2022Updated 3 years ago
- Burp extension to automatically drop requests that match a certain regex.☆10Mar 10, 2023Updated 2 years ago
- Postman collection to work with Sophos Central APIs☆24Jan 8, 2026Updated last month
- It is a ML based project developed in python language. It detect and recognize the face and mark attendance of that person. It's good poi…☆10Aug 13, 2023Updated 2 years ago
- ☆11Aug 25, 2018Updated 7 years ago
- Hack The Box OSCP-like VMs writeups☆11Oct 11, 2020Updated 5 years ago
- Burp extension to fuzz/brute force GenAI/LLM prompts for potential behvioural and Prompt Injection vulnerabilities.☆13Sep 3, 2025Updated 5 months ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 9 months ago
- ☆14May 14, 2022Updated 3 years ago
- 「💉」XSS Payload List☆44Feb 26, 2023Updated 2 years ago
- A 1 Liner SQL Injection Attack using SQLMAP and various parameters that helps quickly check for a vulnerabilities during Bug Bounty☆41Sep 6, 2024Updated last year
- OSCP tools and notes☆40Jan 21, 2019Updated 7 years ago
- ☆46Nov 5, 2025Updated 3 months ago
- Recon tool for URLs discovery☆11Jun 19, 2024Updated last year
- A deliberately vulnerable website used to showcase Dastardly from Burp Suite☆10Oct 6, 2025Updated 4 months ago
- Random Tips and Writeups.☆15Feb 21, 2019Updated 6 years ago
- bug bounty☆11Aug 13, 2023Updated 2 years ago
- Scanner for misconfigured DevSecOps or Security tools on internet like SonarQube, GoPhish etc.☆12Apr 4, 2025Updated 10 months ago
- ☆14Jan 23, 2026Updated 3 weeks ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- Virtual host bruteforcer against given network range or single ip☆11Mar 21, 2019Updated 6 years ago
- ☆23Sep 17, 2025Updated 4 months ago
- I was searching for such resource to work as cheat sheet series and guide me through different attack scenarios for API attacks, didn’t f…☆15May 5, 2025Updated 9 months ago
- WP Juicer Tool for quick scanning of confidential information on WordPress endpoints.☆10Apr 30, 2024Updated last year
- SAPLAR - LFI & Path Traversal Scanner☆15Mar 11, 2025Updated 11 months ago
- This small script helps to avoid using MetaSploit (msfconsole) during the Enterprise pentests and OSCP-like exams. Grep included function…☆14Mar 9, 2023Updated 2 years ago
- Passive JavaScript reconnaissance for penetration testers — bridging Burp Suite traffic into structured, AST-based analysis in VSCode.☆35Feb 5, 2026Updated last week
- A small script to import and ban IPs from a list (like from blocklist.de)☆14Oct 23, 2016Updated 9 years ago
- Lightweight reflection scanner☆20Aug 31, 2025Updated 5 months ago