Alternatives and similar repositories for xss-payload-list:

Users that are interested in xss-payload-list are comparing it to the libraries listed below

• payloadbox / command-injection-payload-list
  🎯 Command Injection Payload List
  ☆3,081Updated 6 months ago
• payloadbox / sql-injection-payload-list
  🎯 SQL Injection Payload List
  ☆5,136Updated 6 months ago
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,711Updated 3 years ago
• s0md3v / Arjun
  HTTP parameter discovery suite.
  ☆5,376Updated last month
• EdOverflow / bugbounty-cheatsheet
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,013Updated last year
• hahwul / dalfox
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆3,880Updated last week
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,337Updated last year
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,694Updated 2 years ago
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆5,546Updated 5 months ago
• GerbenJavado / LinkFinder
  A python script that finds endpoints in JavaScript files
  ☆3,789Updated 9 months ago
• s0md3v / AwesomeXSS
  Awesome XSS stuff
  ☆4,832Updated 2 months ago
• xmendez / wfuzz
  Web application fuzzer
  ☆6,019Updated 5 months ago
• rebootuser / LinEnum
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆7,140Updated last year
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆3,040Updated 2 months ago
• streaak / keyhacks
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆5,232Updated 5 months ago
• reddelexc / hackerone-reports
  Top disclosed reports from HackerOne
  ☆4,098Updated 3 weeks ago
• epinna / tplmap
  Server-Side Template Injection and Code Injection Detection and Exploitation Tool
  ☆3,850Updated 8 months ago
• EdOverflow / can-i-take-over-xyz
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆4,964Updated last week
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆5,739Updated 11 months ago
• gwen001 / pentest-tools
  A collection of custom security tools for quick needs.
  ☆3,164Updated last year
• swisskyrepo / SSRFmap
  Automatic SSRF fuzzer and exploitation tool
  ☆3,051Updated 7 months ago
• commixproject / commix
  Automated All-in-One OS Command Injection Exploitation Tool.
  ☆4,682Updated this week
• mandatoryprogrammer / xsshunter-express
  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
  ☆1,685Updated 10 months ago
• Tib3rius / AutoRecon
  AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
  ☆5,260Updated 7 months ago
• internetwache / GitTools
  A repository with 3 tools for pwn'ing websites with .git repositories available
  ☆3,902Updated last year
• DominicBreuker / pspy
  Monitor linux processes without root permissions
  ☆5,059Updated 2 years ago
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆13,030Updated 6 months ago
• aboul3la / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆10,029Updated 5 months ago
• foospidy / payloads
  Git All the Payloads! A collection of web attack payloads.
  ☆3,657Updated last year
• RedSiege / EyeWitness
  EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
  ☆5,106Updated 2 months ago