ropnop / xxetimesView external linksLinks
An interactive OOB XXE data exfiltration tool
☆91May 31, 2017Updated 8 years ago
Alternatives and similar repositories for xxetimes
Users that are interested in xxetimes are comparing it to the libraries listed below
Sorting:
- View screenshots as a slideshow over http☆15Mar 13, 2020Updated 5 years ago
- Cheat sheets☆10Jul 4, 2016Updated 9 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Dec 12, 2018Updated 7 years ago
- A tool that can help detect and takeover subdomains with dead DNS records☆12Aug 23, 2018Updated 7 years ago
- Scripts that I've written that others may find useful☆14Aug 17, 2022Updated 3 years ago
- XXE attack tool☆31Feb 20, 2016Updated 9 years ago
- The fastest (and least featureful) DNS bruteforcer in the South☆27Dec 31, 2019Updated 6 years ago
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago
- Actarus is a custom tool for bug bounty☆77Nov 14, 2019Updated 6 years ago
- Scan and categorize websites for rapid triage☆12Jun 23, 2022Updated 3 years ago
- A better dns bruteforcer written in golang☆13Nov 4, 2018Updated 7 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆22May 18, 2018Updated 7 years ago
- Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)☆135Jan 15, 2020Updated 6 years ago
- This is a Burp extension for adding additional payloads to active scanner that require out-of-band validation. Works great with XSSHunter☆20Feb 16, 2017Updated 9 years ago
- Merge results from NMAP and Masscan into one CSV file☆18Jun 19, 2018Updated 7 years ago
- A horizontal and vertical web content enumerator☆52Aug 15, 2018Updated 7 years ago
- A mini webserver with FTP support for XXE payloads☆342Jan 3, 2024Updated 2 years ago
- Runs Responder, uploads hashes for cracking, alerts when cracked☆37Mar 16, 2016Updated 9 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆631Feb 5, 2019Updated 7 years ago
- JavaScript Reversed TCP Meterpreter Stager☆138May 25, 2017Updated 8 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 4 years ago
- PLASMA PULSAR☆70May 19, 2017Updated 8 years ago
- POC code to crash Windows Event Logger Service☆27Oct 16, 2020Updated 5 years ago
- Use a LLM to create the ultimate Leek AI for Leek Wars! 🥬☆16May 2, 2024Updated last year
- A playground to practice SSRF Attacks against web apps☆17Oct 15, 2018Updated 7 years ago
- Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions☆226Mar 29, 2022Updated 3 years ago
- This repository contains hit lists to use for web application content discovery.☆11May 31, 2017Updated 8 years ago
- A tool for embedding XXE/XML exploits into different filetypes☆1,129Dec 16, 2024Updated last year
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Sep 24, 2012Updated 13 years ago
- commonspeak2 subdomains wordlist generated daily **DEPRECATED** The author(s) of commonspeak2 maintain an official repo with more lists. …☆40May 21, 2021Updated 4 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- Content discovery wordlists generated using BigQuery☆580Apr 26, 2020Updated 5 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- A kinda reckless dns resolver. Still under development.☆16Mar 23, 2020Updated 5 years ago
- malicious file maker/sender to create and send malicious attachments to test your email filter/alerting☆71Oct 19, 2017Updated 8 years ago
- Cobalt Strike SCT payload obfuscator☆143Jul 7, 2017Updated 8 years ago
- PoC for an adaptive parallelised DNS prober☆109Oct 4, 2022Updated 3 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.☆550Jun 12, 2017Updated 8 years ago