rohit-sonii / Escalating-Self-XSS-to-Account-Takeover

Related projects ⓘ

Alternatives and complementary repositories for Escalating-Self-XSS-to-Account-Takeover

• osamahamad / Sensitive-Data-Exposures-with-Github
  Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters
  ☆15Updated 4 years ago
• byt3hx / gup
  gup aka Get All Urls parameters to create wordlists for brute forcing parameters.
  ☆17Updated 2 years ago
• emadshanab / Adobe-Experience-Manager
  ☆33Updated 3 years ago
• notmarshmllow / credax
  Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.
  ☆10Updated 3 years ago
• SirBugs / JsValidator
  JsValidator is a tool created for validating the JS files after crawlling it from waybackurls
  ☆18Updated last year
• Ravirajrao / HackerOne-Reports
  Cool HackerOne Reports
  ☆18Updated last year
• BitTheByte / BitTraversal
  Burpsuite Plugin to detect Directory Traversal vulnerabilities
  ☆28Updated 3 years ago
• bp0lr / myGF_patterns
  ☆21Updated 3 years ago
• 0xPugal / bugbounty_profile
  Automate bug bounty recon using bash alias
  ☆15Updated 3 months ago
• Dheerajmadhukar / subzzZ
  SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.
  ☆38Updated 3 years ago
• emadshanab / Blind-XSS-burp-match-and-replace
  ☆27Updated 10 months ago
• R0X4R / ssrf-tool
  An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.
  ☆43Updated 3 years ago
• 0xNASSER / Lhijacking-finder
  ☆10Updated last year
• ihebski / db
  Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]
  ☆28Updated 3 years ago
• DK9510 / automate-with-actions
  ☆18Updated 2 years ago
• gwen001 / bxss
  Alternative to XSS Hunter for blind XSS.
  ☆48Updated last year
• leetIbrahim / JSNotify
  JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…
  ☆18Updated 11 months ago
• Sybil-Scan / TLDbrute
  A simple utility to generate domain names with all possible TLDs
  ☆23Updated last year
• cybercdh / h2i
  Converts a hostname (or URI) to IP address using your local resolver
  ☆24Updated 7 months ago
• honoki / burp-copy-regex-matches
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆33Updated 2 years ago
• emadshanab / DIR-WORDLISTS
  Some wordlists collected form github to all bug bounty hunters.
  ☆27Updated 3 years ago
• AdmiralGaust / bountyReconV2
  Framework to automate Bug Bounty Reconnaissance
  ☆42Updated 3 years ago
• akincibor / 403-bypass
  Enhanced 403 bypass header
  ☆21Updated 2 years ago
• BrownBearSec / Utils-and-Wrappers
  A repo for tools, utils, and wrappers that are to small to put in their own repo.
  ☆23Updated last year
• Ravaan21 / Chandrahasa
  A solid recon tool I use personally.
  ☆30Updated last year
• tamimhasan404 / Gau-Expose
  It grep subdomains, email/username, build custom wordlist etc from gau results
  ☆45Updated 2 years ago
• six2dez / resolvers_reconftw
  Resolvers updated daily for reconftw
  ☆46Updated last year
• akshaysharma016 / aem-detector
  ☆20Updated last year
• joefizz / autofindomain
  ☆24Updated 3 years ago