BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application. This tool was originally developed by Shawar Khan in CLI. I just redesigned it and made it GUI for more convienience.
☆563Jun 17, 2021Updated 4 years ago
Alternatives and similar repositories for BruteXSS
Users that are interested in BruteXSS are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications…☆1,435Sep 17, 2024Updated last year
- A unique automated LFi Exploiter with Bind/Reverse Shells☆308Jun 25, 2015Updated 10 years ago
- XSS spider - 66/66 wavsep XSS detected☆1,743Jun 13, 2024Updated last year
- The Hacker's ToolBox☆193Jun 29, 2017Updated 8 years ago
- Most advanced XSS scanner.☆14,913Apr 26, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- WebDigger is a python based tool, specially created to get a company's unknown domain for pentestor.☆17Aug 6, 2016Updated 9 years ago
- Local file inclusion exploitation tool☆949Oct 1, 2025Updated 6 months ago
- Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.☆1,739Dec 1, 2024Updated last year
- ☆333Jan 8, 2018Updated 8 years ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆1,931Apr 13, 2022Updated 4 years ago
- This tool can be used to brute discover GET and POST parameters☆1,395Aug 24, 2019Updated 6 years ago
- Opinionated organisation-centric OSINT footprinting inspired from recon-ng and Maltego☆180Jul 29, 2017Updated 8 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,148Apr 21, 2024Updated 2 years ago
- From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras☆426Feb 18, 2020Updated 6 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Web application fuzzer☆6,477Jan 21, 2026Updated 3 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.☆2,264Jan 8, 2026Updated 3 months ago
- Burp plugin to do random fuzzing of HTTP requests☆33Jan 31, 2017Updated 9 years ago
- Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion in Python3☆27Feb 27, 2023Updated 3 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,700Jan 5, 2026Updated 3 months ago
- An automatic XSS discovery tool☆412Apr 17, 2018Updated 8 years ago
- Correlated injection proxy tool for XSS Hunter☆257Dec 26, 2022Updated 3 years ago
- A Tool for Domain Flyovers☆5,927May 22, 2022Updated 3 years ago
- ☆2,323Dec 8, 2023Updated 2 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Username tools for penetration testing☆1,374Sep 20, 2024Updated last year
- kadimus is a tool to check and exploit lfi vulnerability.☆567Aug 17, 2020Updated 5 years ago
- Automated NoSQL database enumeration and web application exploitation tool.☆3,270Feb 20, 2026Updated 2 months ago
- WAFNinja is a tool which contains two functions to attack Web Application Firewalls.☆825Dec 6, 2017Updated 8 years ago
- File upload vulnerability scanner and exploitation tool.☆3,314May 8, 2025Updated 11 months ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,795Apr 26, 2024Updated 2 years ago
- A swiss army knife for pentesting networks☆9,129Dec 6, 2023Updated 2 years ago
- A fast DOM based XSS vulnerability scanner with simplicity.☆859Sep 30, 2022Updated 3 years ago
- WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆6,316Apr 19, 2026Updated last week
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- XssPy - Web Application XSS Scanner☆844Jan 20, 2023Updated 3 years ago
- Damn Small XSS Scanner☆431Dec 1, 2020Updated 5 years ago
- A default credential scanner.☆1,501Jul 8, 2025Updated 9 months ago
- massive SQL injection vulnerability scanner☆1,232Aug 14, 2018Updated 7 years ago
- OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/☆1,178Sep 11, 2024Updated last year
- PowerShell Pass The Hash Utils☆1,753Dec 9, 2018Updated 7 years ago
- Server-side request forgery detector☆164Jun 26, 2017Updated 8 years ago