Exploitation for XSS
☆730Aug 5, 2021Updated 4 years ago
Alternatives and similar repositories for xss_payloads
Users that are interested in xss_payloads are comparing it to the libraries listed below
Sorting:
- WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application cont…☆351Aug 27, 2018Updated 7 years ago
- A Ruby framework designed to aid in the penetration testing of WordPress systems.☆1,044Nov 24, 2019Updated 6 years ago
- Git All the Payloads! A collection of web attack payloads.☆3,908May 15, 2023Updated 2 years ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆823Dec 6, 2017Updated 8 years ago
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,903Sep 27, 2021Updated 4 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆426Feb 18, 2020Updated 6 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- ☆614Oct 4, 2024Updated last year
- Red Team Tips as posted by @vysecurity on Twitter☆1,069Apr 26, 2020Updated 5 years ago
- A container repository for my public web hacks!☆2,018Oct 12, 2022Updated 3 years ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,716Dec 1, 2024Updated last year
- CACTUSTORCH: Payload Generation for Adversary Simulations☆1,014Jul 3, 2018Updated 7 years ago
- A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.☆985Dec 13, 2017Updated 8 years ago
- This tool can be used to brute discover GET and POST parameters☆1,393Aug 24, 2019Updated 6 years ago
- Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Dir…☆1,621Jan 23, 2024Updated 2 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,548Aug 2, 2019Updated 6 years ago
- Wiki to collect Red Team infrastructure hardening resources☆4,454Oct 1, 2025Updated 5 months ago
- Framework for Making Environmental Keyed Payloads (NO LONGER SUPPORTED)☆760Jan 28, 2019Updated 7 years ago
- Exploit the credentials present in files and memory☆842May 25, 2023Updated 2 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- A PowerShell based utility for the creation of malicious Office macro documents.☆1,109Nov 3, 2017Updated 8 years ago
- Content hijacking proof-of-concept using Flash, PDF and Silverlight☆384May 16, 2019Updated 6 years ago
- psychoPATH - an advanced path traversal tool. Features: evasive techniques, dynamic web root list generation, output encoding, site map-s…☆278Feb 12, 2021Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆378Oct 12, 2020Updated 5 years ago
- Post Exploitation Collection☆1,570May 1, 2020Updated 5 years ago
- Awesome XSS stuff☆5,066Oct 30, 2024Updated last year
- Powershell C2 Server and Implants☆575Nov 11, 2019Updated 6 years ago
- An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector☆1,019Sep 11, 2017Updated 8 years ago
- DNS Rebinding Exploitation Framework☆492Apr 27, 2021Updated 4 years ago
- Undetectable Windows Payload Generation☆1,608Nov 8, 2022Updated 3 years ago
- My musings with PowerShell☆2,704Nov 19, 2021Updated 4 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆470Nov 14, 2019Updated 6 years ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- A Python Framework For NoSQL Scanning and Exploitation☆602Dec 6, 2024Updated last year
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- A ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network☆573Dec 9, 2017Updated 8 years ago
- Pivoter is a proxy tool for pentesters to have easier lateral movement.☆144Aug 9, 2015Updated 10 years ago
- A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-s…☆442Sep 19, 2021Updated 4 years ago