small set of scripts to practice exploit XSS and CSRF vulnerabilities
☆65Dec 22, 2017Updated 8 years ago
Alternatives and similar repositories for xss-labs
Users that are interested in xss-labs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Lab for exploring SSRF vulnerabilities☆249May 30, 2021Updated 5 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆38Nov 8, 2017Updated 8 years ago
- My collection of exploit development skeletons for fuzzing, overwriting the stack, remote code execution, etc.☆16Mar 19, 2025Updated last year
- A simple web app with a XXE vulnerability.☆229Nov 10, 2021Updated 4 years ago
- 一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo☆817Nov 28, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A set of XSS vulnerable PHP scripts for testing☆38Feb 10, 2013Updated 13 years ago
- XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in H…☆24Jul 23, 2014Updated 11 years ago
- Python tool for expired domain discovery in crossdomain.xml files☆23Feb 21, 2017Updated 9 years ago
- PassWord List Maker☆17Oct 29, 2018Updated 7 years ago
- Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis☆36Jul 10, 2018Updated 7 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Jul 3, 2013Updated 12 years ago
- small set of PHP scripts to practice exploiting LFI, RFI and CMD injection vulns☆335Apr 8, 2024Updated 2 years ago
- 在Sublist3r基础上优化一个python工具,用于枚举使用OSINT的网站的子域。它有助于渗透测试人员和漏洞猎手收集并收集他们所针对的域名的子域名。Sublist3r使用Google,Yahoo,Bing,百度和Ask等许多搜索引擎来枚举子域名。Sublist3r还使…☆13May 14, 2018Updated 8 years ago
- ☆30Sep 1, 2022Updated 3 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- DNS域传送漏洞探测工具。多线程,批量探测,漏洞利用,简单网页采集。(DNS zone transfer vulnerability Vulnerability detection tool, support multithreading,batch scanning an…☆52Mar 11, 2016Updated 10 years ago
- The Hunt for Malicious Strings☆13Oct 8, 2020Updated 5 years ago
- A lightweight red teaming platform utilizing concurrent nmap scans to populate a collaborative web server.☆23Feb 22, 2026Updated 4 months ago
- ISR-sqlget It's a blind SQL injection tool developed in Perl.☆14Apr 26, 2013Updated 13 years ago
- Proof of concept memory anti-forensic toolkit designed for hiding various artifacts inside the memory dump during memory acquisition on M…☆15Oct 2, 2019Updated 6 years ago
- Spring-Boot app for demonstrating security vulnaribilities☆13Aug 21, 2019Updated 6 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆42Mar 14, 2017Updated 9 years ago
- 网站路径扫描,python版御剑(增加代理,延时功能)☆17Mar 3, 2018Updated 8 years ago
- WackoPicko is a vulnerable web application used to test web application vulnerability scanners.☆350May 25, 2024Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- "HeaderScan" Burp Plugin☆16Apr 26, 2014Updated 12 years ago
- an image bot that exploits png transparency quirks.☆10May 24, 2018Updated 8 years ago
- Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…☆12May 31, 2020Updated 6 years ago
- Local enumeration and exploitation framework.☆18Aug 16, 2017Updated 8 years ago
- A small python script to check for Cross-Site Tracing (XST)☆133Jan 23, 2016Updated 10 years ago
- Lab set-up for learning SQL Injection Techniques☆101Dec 6, 2020Updated 5 years ago
- Vulnerable web application☆81Feb 17, 2026Updated 4 months ago
- Clickjacking Proof-of-Concept Exploit☆26Oct 1, 2020Updated 5 years ago
- web cache poison - Top 1 web hacking technique of 2019☆25Feb 24, 2020Updated 6 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- BurpSuite Pro Python Extension☆18Jul 11, 2013Updated 12 years ago
- TomcatBrute tool☆12Nov 4, 2016Updated 9 years ago
- This is a basic example of how to search into Shodan using the ShodanAPI.☆15Jan 19, 2014Updated 12 years ago
- PHP synthetic test cases generator☆10Oct 15, 2023Updated 2 years ago
- A tool for enumerating and retrieving exposed git repositories to recover source trees from external environments. Can utilise File Inclu…☆24Aug 20, 2020Updated 5 years ago
- Sample vulnerable code and its exploit code☆190Mar 14, 2021Updated 5 years ago
- 存放一些自己写过的漏洞利用脚本☆48Jul 21, 2019Updated 6 years ago