r0oth3x49 / Xpath
A python based cross-platform tool that automates the process of detecting and exploiting error-based injection security flaws.
☆137Updated 2 years ago
Alternatives and similar repositories for Xpath:
Users that are interested in Xpath are comparing it to the libraries listed below
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆212Updated 4 months ago
- Bypassing-Web-Application-Firewalls-And-XSS-Filters A series of python scripts for generating weird character combinations and lists for…☆145Updated 4 years ago
- POC Exploit for Apache Tomcat 7.0.x CVE-2017-12615 PUT JSP vulnerability.☆111Updated 2 years ago
- This python script is developed to show, how many vulnerables websites, which are laying around on the web. 1) Scan net for urls prone to…☆54Updated 8 years ago
- Local File Inclusion Exploitation Tool (mirror)☆123Updated 8 years ago
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆118Updated 4 years ago
- CVE-2017-9506 - SSRF☆188Updated 3 years ago
- A script to extract domain names from Content Security Policy(CSP) headers☆110Updated 5 years ago
- Toolset for detecting reflected xss in websites☆112Updated 6 years ago
- File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.☆271Updated 3 years ago
- GUI Burp Plugin to ease discovering of security holes in web applications☆148Updated 7 years ago
- Burp Suite extension to discover assets from HTTP response.☆221Updated last month
- CVE-2018-6389 Exploit In WordPress DoS☆80Updated 7 years ago
- BugBounty Tool☆39Updated 5 years ago
- Resolve and quickly portscan a list of (sub)domains.☆86Updated 8 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆311Updated 3 years ago
- Powerful Visual Subdomain Enumeration at the Click of a Mouse☆138Updated 5 years ago
- Bypassing WAF by abusing SSL/TLS Ciphers☆312Updated 3 years ago
- SQLiPy is a Python plugin for Burp Suite that integrates SQLMap using the SQLMap API.☆254Updated 8 months ago
- A collection of scripts to extend Burp Suite☆139Updated 5 years ago
- SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,...☆228Updated 5 years ago
- A blind SQL injection module that uses bitshfting to calculate characters.☆117Updated 2 years ago
- Relational database brute force and post exploitation tool for MySQL and MSSQL☆219Updated 8 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 3 years ago
- Burp Suite extension to easily export sub domains☆44Updated 5 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆176Updated 4 years ago
- Version 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).☆378Updated 5 years ago
- This tool is for automate the initial things that we usually do in daily pentesting. So you can focus more on the main target.☆78Updated 5 years ago
- A series of python scripts for generating weird character combinations for bypassing web application firewalls (WAF) and XSS blockers☆273Updated 6 years ago
- ☆191Updated 5 years ago