s0md3v / AwesomeXSS
Awesome XSS stuff
☆4,883Updated 5 months ago
Alternatives and similar repositories for AwesomeXSS:
Users that are interested in AwesomeXSS are comparing it to the libraries listed below
- HTTP parameter discovery suite.☆5,555Updated last month
- A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…☆3,776Updated 3 years ago
- A Tool for Domain Flyovers☆5,741Updated 2 years ago
- Most advanced XSS scanner.☆13,813Updated 3 weeks ago
- A collection of custom security tools for quick needs.☆3,189Updated last year
- A curated list of amazingly awesome Burp Extensions☆3,118Updated 2 months ago
- A container repository for my public web hacks!☆1,983Updated 2 years ago
- A python script that finds endpoints in JavaScript files☆3,895Updated last year
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,100Updated last year
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆3,911Updated 11 months ago
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆6,929Updated 8 months ago
- File upload vulnerability scanner and exploitation tool.☆3,189Updated last year
- A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me☆2,073Updated 4 months ago
- Git All the Payloads! A collection of web attack payloads.☆3,752Updated last year
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆3,854Updated 8 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,148Updated last month
- A Workflow Engine for Offensive Security☆5,549Updated 2 months ago
- 🔥 Web-application firewalls (WAFs) from security standpoint.☆6,598Updated 5 months ago
- A high performance offensive security tool for reconnaissance and vulnerability scanning☆3,165Updated 10 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,248Updated 5 months ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,486Updated last year
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,105Updated 2 months ago
- Web application fuzzer☆6,137Updated 7 months ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,437Updated 7 months ago
- Knock Subdomain Scan☆3,967Updated 4 months ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,728Updated 8 months ago
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,239Updated last week
- SSRF (Server Side Request Forgery) testing resources☆2,395Updated 6 months ago
- The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, su…☆3,434Updated last year
- In-depth attack surface mapping and asset discovery☆12,812Updated this week