small set of scripts to practice exploit XSS and CSRF vulnerabilities
☆65Dec 22, 2017Updated 8 years ago
Alternatives and similar repositories for xss-labs
Users that are interested in xss-labs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- My collection of exploit development skeletons for fuzzing, overwriting the stack, remote code execution, etc.☆16Mar 19, 2025Updated last year
- A simple web app with a XXE vulnerability.☆229Nov 10, 2021Updated 4 years ago
- A set of XSS vulnerable PHP scripts for testing☆38Feb 10, 2013Updated 13 years ago
- XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in H…☆24Jul 23, 2014Updated 11 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago
- PassWord List Maker☆17Oct 29, 2018Updated 7 years ago
- Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis☆36Jul 10, 2018Updated 7 years ago
- ssh protector. to build dynamtic iptables 小黑屋,专门收集肉鸡的ip地址☆16Jun 16, 2020Updated 5 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Jul 3, 2013Updated 12 years ago
- small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns☆335Apr 8, 2024Updated 2 years ago
- ☆30Sep 1, 2022Updated 3 years ago
- DNS域传送漏洞探测工具。多线程,批量探测,漏洞利用,简单网页采集。(DNS zone transfer vulnerability Vulnerability detection tool, support multithreading,batch scanning an…☆52Mar 11, 2016Updated 10 years ago
- JitterBug passively searches for Basic Info, open ports, potential CVE's on the given Target IP in third party databases without Direct i…☆13Sep 29, 2021Updated 4 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- The Hunt for Malicious Strings☆13Oct 8, 2020Updated 5 years ago
- A lightweight red teaming platform utilizing concurrent nmap scans to populate a collaborative web server.☆23Feb 22, 2026Updated 3 months ago
- ISR-sqlget It's a blind SQL injection tool developed in Perl.☆14Apr 26, 2013Updated 13 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆15Oct 2, 2019Updated 6 years ago
- 一个垃圾桶☆59Aug 14, 2022Updated 3 years ago
- Spring-Boot app for demonstrating security vulnaribilities☆13Aug 21, 2019Updated 6 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆42Mar 14, 2017Updated 9 years ago
- 网站路径扫描,python版御剑(增加代理,延时功能)☆17Mar 3, 2018Updated 8 years ago
- WackoPicko is a vulnerable web application used to test web application vulnerability scanners.☆350May 25, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 12 years ago
- an image bot that exploits png transparency quirks.☆10May 24, 2018Updated 8 years ago
- Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…☆12May 31, 2020Updated 6 years ago
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- A small python script to check for Cross-Site Tracing (XST)��☆133Jan 23, 2016Updated 10 years ago
- Lab set-up for learning SQL Injection Techniques☆101Dec 6, 2020Updated 5 years ago
- Vulnerable web application☆81Feb 17, 2026Updated 3 months ago
- Clickjacking Proof-of-Concept Exploit☆26Oct 1, 2020Updated 5 years ago
- web cache poison - Top 1 web hacking technique of 2019☆25Feb 24, 2020Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- BurpSuite Pro Python Extension☆18Jul 11, 2013Updated 12 years ago
- Fimap post-exploitation plugin that injects dave Rel1k's AES HTTP Reverse Shell☆16Apr 16, 2014Updated 12 years ago
- TomcatBrute tool☆12Nov 4, 2016Updated 9 years ago
- This is a basic example of how to search into Shodan using the ShodanAPI.☆15Jan 19, 2014Updated 12 years ago
- PHP synthetic test cases generator☆10Oct 15, 2023Updated 2 years ago
- Vulnerability consolidation and management tool, enhances scan results by merging different findings of the same weakness across multiple…☆24Dec 16, 2022Updated 3 years ago
- Sample vulnerable code and its exploit code☆190Mar 14, 2021Updated 5 years ago