onxss/OneXSS

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/onxss/OneXSS)

onxss / OneXSS

One XSS 是一款基于Cloudflare Pages/D1/KV实现的在线XSS平台,可自定义模块和项目,用于帮助渗透测试工程师进行XSS漏洞验证.

☆50

Alternatives and similar repositories for OneXSS

Users that are interested in OneXSS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

Sorting:

handbye / base64encode
View on GitHub
burpsuite POST数据包base64编码插件
☆17Mar 14, 2024Updated 2 years ago
orleven / Celestion
View on GitHub
Celestion 是一个无回显漏洞测试辅助平台，平台使用flask编写，提供DNSLOG，HTTPLOG等功能。 (界面懒得弄，后续有需要再说)。
☆30Aug 24, 2023Updated 2 years ago
bingtangbanli / VulnerabilityTools
View on GitHub
[CVE_2023_28432漏洞、CVE_2023_32315漏洞、 ThinkPHP 2.x 任意代码执行漏洞、ThinkPHP5 5.0.22/5.1.29 远程代码执行漏洞、 ThinkPHP5 5.0.23 远程代码执行漏洞 ThinkPHP 多语言本地文件包…
☆10Aug 31, 2023Updated 2 years ago
ybdt / mRemoteNG-Decryptor
View on GitHub
Automated mRemoteNG Decrypt Tool
☆27Apr 14, 2024Updated last year
rama291041610 / Thinkphp5.0.24-Unserialize-Vulnerability
View on GitHub
☆13Aug 13, 2020Updated 5 years ago
1-Click AI Models by DigitalOcean Gradient • Ad
Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
wafinfo / ezOFFICE_Decrypt
View on GitHub
万户数据库解密
☆21Dec 3, 2023Updated 2 years ago
TryGOTry / AutoGeaconC2
View on GitHub
AutoGeaconC2: 一键读取Profile自动化生成geacon实现跨平台上线CobaltStrike
☆142Apr 7, 2024Updated last year
shengshengli / ShiroAttack4.5.3
View on GitHub
shiro反序列化利用综合利用，包含（回显执行命令/注入内存马）原版中NoCC的问题 https://github.com/j1anFen/shiro_attack
☆12May 1, 2022Updated 3 years ago
Mayter / mssql-command-tool
View on GitHub
xp_cmdshell与sp_oacreate执行命令回显和clr加载程序集执行相应操作，上传，job等相应操作。
☆196Nov 25, 2023Updated 2 years ago
xss-root / cobaltstrike_book
View on GitHub
cobaltstrike 实战案例, 含20个实战案例。插件包在releases中
☆34Aug 28, 2023Updated 2 years ago
Y5neKO / Y5neKO_Study_Note_Markdown
View on GitHub
Y5neKO的个人学习记录Markdown
☆14May 2, 2024Updated last year
TryGOTry / golang-uuid-loader
View on GitHub
golang uuid-shellcode加载器,分离执行,可直接把shellcode写入程序。
☆15Aug 12, 2021Updated 4 years ago
Fupo-series / ICS-Tools
View on GitHub
工控设备信息识别工具箱
☆56Dec 4, 2025Updated 3 months ago
hanc00l / pocGoby2Xray
View on GitHub
将Goby的json格式Poc转为xray的yaml格式Poc
☆132Nov 19, 2022Updated 3 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
zyylhn / redis_rce
View on GitHub
Redis primary/secondary replication RCE
☆45Apr 18, 2022Updated 3 years ago
kk12-30 / Sentinel
View on GitHub
Sentinel 是一个功能强大AI赋能的跨平台（Windows/Linux）应急响应自动化分析工具，专注于威胁检测、恶意软件分析和安全评估。
☆96Dec 30, 2025Updated 3 months ago
h4ckdepy / Un1kPoc
View on GitHub
非常专业的漏洞POC管理、团队授权化漏洞管理、漏洞验证利用、漏洞批量利用框架。
☆245Jan 19, 2023Updated 3 years ago
Okaytc / Superset_auth_bypass_check
View on GitHub
Apahce-Superset身份认证绕过漏洞(CVE-2023-27524)检测工具
☆11Aug 3, 2023Updated 2 years ago
TheBeastofwar / linuxhacker
View on GitHub
一款linux 内网渗透辅助工具
☆77Jan 31, 2024Updated 2 years ago
lintstar / CS-AutoPostChain
View on GitHub
基于 OPSEC 的 CobaltStrike 后渗透自动化链
☆452Mar 11, 2024Updated 2 years ago
xsshim / GzWebsocket
View on GitHub
哥斯拉webshell管理工具的插件，用于连接websocket型webshell
☆176Apr 17, 2024Updated last year
Conan924 / GodInfo
View on GitHub
GodInfo 是一个功能全面的后渗透信息和凭据收集工具，旨在帮助安全测试人员在获得授权访问权限后，快速收集目标系统的信息和凭据。
☆245Apr 29, 2025Updated 11 months ago
tpt11fb / AttackTomcat
View on GitHub
Tomcat常见漏洞GUI利用工具。CVE-2017-12615 PUT文件上传漏洞、tomcat-pass-getshell 弱认证部署war包、弱口令爆破、CVE-2020-1938 Tomcat AJP文件读取/包含
☆250Nov 15, 2022Updated 3 years ago
DigitalOcean Gradient AI Platform • Ad
Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
winezer0 / XiaYue_Pro
View on GitHub
Xia_Yue_Plus 瞎越增强版
☆71Aug 20, 2025Updated 7 months ago
ExpLangcn / Payload-List
View on GitHub
整理SQLI、XSS、RCE、Path的payload文件备份留存
☆15Nov 9, 2022Updated 3 years ago
TheBeastofwar / JenkinsExploit-GUI
View on GitHub
一款Jenkins的综合漏洞利用工具
☆464Mar 20, 2024Updated 2 years ago
G0mini / Jmc_Tools
View on GitHub
分享极梦C团队写的一些使用工具
☆57Nov 6, 2023Updated 2 years ago
cheetah-lab / Ghost-Attack-Suite
View on GitHub
GAS 漏洞利用框架
☆27Mar 25, 2022Updated 4 years ago
doimet / AuxTools
View on GitHub
图形化渗透测试辅助工具
☆502Mar 22, 2026Updated last week
FunnyWolf / Caesar
View on GitHub
一个全新的敏感文件发现工具
☆54Jan 4, 2021Updated 5 years ago
Mangofang / BypassLoad
View on GitHub
shellcode免杀加载器，过主流杀软
☆144Sep 29, 2024Updated last year
getpanic / code_scan
View on GitHub
代码审计关键词扫描工具
☆11Apr 29, 2024Updated last year
Managed hosting for WordPress and PHP on Cloudways • Ad
Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
zeoxisca / gamma-gui
View on GitHub
a tool help you write gamma poc
☆110Mar 17, 2023Updated 3 years ago
ifacker / cscan-go
View on GitHub
cscan-go 版本，主要用于C段扫描，信息收集、红队横向渗透等...（相信我，点进来不会后悔的！）
☆97Apr 28, 2024Updated last year
ruisika / jsapiscan
View on GitHub
红队快速扫描js文件检查工具
☆65Feb 4, 2026Updated last month
asaotomo / CVE-2021-42013-Apache-RCE-Poc-Exp
View on GitHub
Apache 远程代码执行（CVE-2021-42013）批量检测工具：Apache HTTP Server是美国阿帕奇（Apache）基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点，发现 Apache HTTP Server 2.4…
☆10Dec 24, 2021Updated 4 years ago
Ad1euDa1e / VueCrack
View on GitHub
红队浏览器插件-检测VUE站点未授权漏洞
☆726Sep 9, 2025Updated 6 months ago
misaka19008 / PerlinPuzzle-Webshell-PHP
View on GitHub
使用分支对抗技术制作的PHP Webshell，截止2024年1月18日，共数十个查杀引擎免杀
☆304Jun 11, 2025Updated 9 months ago
xjsafe / MimikatzBypass
View on GitHub
新免杀方向 Mimikatz（猕猴桃）免杀 360，火绒，电脑管家，WindowsDefinder，详细使用教程请参考博客：https://www.vpss.cc/381.html
☆25Mar 4, 2024Updated 2 years ago