rohit-sonii / Escalating-Self-XSS-to-Account-Takeover
This repository contains complete source code for setting up the environment and exploit code for the vulnerability.
☆18Updated last year
Related projects ⓘ
Alternatives and complementary repositories for Escalating-Self-XSS-to-Account-Takeover
- Techniques / Tips and tricks for finding sensitive data exposures in Github for Penetration Testers / Bug Bounty Hunters☆15Updated 4 years ago
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆17Updated 2 years ago
- ☆33Updated 3 years ago
- Credax - Fuzzing Tool with Slack Notifications. Also removes false positive responses.☆10Updated 3 years ago
- JsValidator is a tool created for validating the JS files after crawlling it from waybackurls☆18Updated last year
- Cool HackerOne Reports☆18Updated last year
- Burpsuite Plugin to detect Directory Traversal vulnerabilities☆28Updated 3 years ago
- ☆21Updated 3 years ago
- Automate bug bounty recon using bash alias☆15Updated 3 months ago
- SubzzZ to find possible subdomains using passive recon. Tool also support Permutations, Mutations, Alterations.☆38Updated 3 years ago
- ☆27Updated 10 months ago
- An SSRF detector tool written in golang. I have fixed some errors and added some more payloads to it. But the tool credits go to z0idsec.☆43Updated 3 years ago
- ☆10Updated last year
- Bugbounty utility to store list of enumerated subdomains into an sqlite3 db [one liner style / Pipe and save]☆28Updated 3 years ago
- ☆18Updated 2 years ago
- Alternative to XSS Hunter for blind XSS.☆48Updated last year
- JSNotify is a Python script designed to monitor JavaScript files in a specified directory for changes. This tool can be used by developer…☆18Updated 11 months ago
- A simple utility to generate domain names with all possible TLDs☆23Updated last year
- Converts a hostname (or URI) to IP address using your local resolver☆24Updated 7 months ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆33Updated 2 years ago
- Some wordlists collected form github to all bug bounty hunters.☆27Updated 3 years ago
- Framework to automate Bug Bounty Reconnaissance☆42Updated 3 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- A repo for tools, utils, and wrappers that are to small to put in their own repo.☆23Updated last year
- A solid recon tool I use personally.☆30Updated last year
- It grep subdomains, email/username, build custom wordlist etc from gau results☆45Updated 2 years ago
- Resolvers updated daily for reconftw☆46Updated last year
- ☆20Updated last year
- ☆24Updated 3 years ago