phra / crosserLinks
A Reflected / Stored / DOM XSS Scanner based on Headless Chrome Node API via Puppeteer
☆40Updated 2 years ago
Alternatives and similar repositories for crosser
Users that are interested in crosser are comparing it to the libraries listed below
Sorting:
- Maintaining account persistence via XSS and Oauth☆77Updated 6 years ago
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 5 years ago
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆48Updated 4 years ago
- dns rebind tool with custom scripts☆83Updated 2 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- websocket-connection-smuggler☆66Updated 5 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Updated 4 years ago
- Burp extension to generate multi-step CSRF POC.☆30Updated 6 years ago
- Scan secrets from Continuous Integration Build Logs☆52Updated 5 years ago
- Hacking Artifactory with server side template injection☆51Updated 5 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆37Updated last year
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆46Updated 2 years ago
- Dump exposed HTTP .git fast☆50Updated 2 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- Auto Recon Bash Script☆31Updated 8 months ago
- Reconness Agents Script☆32Updated 3 years ago
- Spring Boot Actuator (jolokia) XXE/RCE☆23Updated 6 years ago
- ☆37Updated 5 years ago
- A simple tool to detect wildcards domain based on Amass's wildcards detector.☆65Updated 4 years ago
- Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…☆32Updated 6 years ago
- A Burp Suite extension for headless, unattended scanning.☆36Updated 5 years ago
- Manual JavaScript Linting is a Bug☆49Updated 4 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Updated 4 years ago
- gathers the XSS cheatsheet payloads and creates a usable wordlist☆72Updated 4 years ago
- Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.☆41Updated 5 years ago
- Pulse SSL VPN Arbitrary File Read burp extension☆24Updated 6 years ago
- ☆36Updated 8 months ago
- ☆27Updated 5 years ago
- ☆32Updated 6 years ago
- Broken Link Hijacking Burp Extension☆57Updated 6 years ago