XXRF Shots - Useful for testing SSRF vulnerability
☆74Feb 18, 2023Updated 3 years ago
Alternatives and similar repositories for XXRF-Shots
Users that are interested in XXRF-Shots are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple Server Side Request Forgery services enumeration tool.☆56Aug 23, 2018Updated 7 years ago
- ☆32May 30, 2019Updated 6 years ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- A tool to generate media files with malicious metadata☆129Feb 2, 2019Updated 7 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- ☆18Sep 22, 2018Updated 7 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- Automated blind-xss search for Burp Suite☆284Oct 10, 2019Updated 6 years ago
- Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…☆101Apr 7, 2023Updated 3 years ago
- yet another dirbuster☆18Jan 14, 2021Updated 5 years ago
- Script to automate PUT HTTP method exploitation to get shell☆125Jun 25, 2020Updated 5 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆120Dec 23, 2025Updated 4 months ago
- A LinkedIn Scraper☆15Aug 20, 2018Updated 7 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Mar 15, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Powerful Visual Subdomain Enumeration at the Click of a Mouse☆138Jun 6, 2019Updated 6 years ago
- ☆184Feb 21, 2022Updated 4 years ago
- CVE-2017-9506 - SSRF☆191Feb 14, 2022Updated 4 years ago
- XSS explot kit/Blind XSS framework/BurpSuite extension☆49Jun 12, 2020Updated 5 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- POC for CVE-2018-15685☆42Aug 24, 2018Updated 7 years ago
- Tool made to automate tasks of pentesting.☆165Oct 26, 2019Updated 6 years ago
- ☆12Dec 26, 2022Updated 3 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- This script is intended to automate your reconnaissance process in an organized fashion☆39Aug 5, 2019Updated 6 years ago
- Nmap - the Network Mapper. Github mirror of official SVN repository.☆15Sep 25, 2019Updated 6 years ago
- Network share sniffer and auto-mounter for crawling remote file systems☆213Mar 27, 2022Updated 4 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆472Nov 14, 2019Updated 6 years ago
- Test a network's egress controls with various levels of success and failure.☆105May 1, 2022Updated 4 years ago
- Python script for trying default passwords for some TP-Link Hotspots☆35Apr 22, 2026Updated last week
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- Just a silly recon tool that uses data from SSL Certificates to find potential host names☆29Feb 17, 2026Updated 2 months ago
- A webshell framework for penetration testers.☆301Aug 10, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Screenshot Shenanigans☆25Nov 20, 2017Updated 8 years ago
- Check Domain Fronting (chkdfront) - It checks if your domain fronting is working☆44Jun 26, 2021Updated 4 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit☆83Jul 2, 2018Updated 7 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 9 months ago
- A PoC Java Stager which can download, compile, and execute a Java file in memory.☆108Aug 6, 2018Updated 7 years ago