XXRF Shots - Useful for testing SSRF vulnerability
☆74Feb 18, 2023Updated 3 years ago
Alternatives and similar repositories for XXRF-Shots
Users that are interested in XXRF-Shots are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Simple Server Side Request Forgery services enumeration tool.☆56Aug 23, 2018Updated 7 years ago
- ☆32May 30, 2019Updated 6 years ago
- A Burpsuite extension written in Python to perform basic validation fuzzing☆11Oct 7, 2022Updated 3 years ago
- Boxer: A fast directory bruteforce tool written in Python with concurrency.☆14Feb 26, 2021Updated 5 years ago
- A tool to generate media files with malicious metadata☆129Feb 2, 2019Updated 7 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Oct 8, 2017Updated 8 years ago
- ☆18Sep 22, 2018Updated 7 years ago
- Automated blind-xss search for Burp Suite☆285Oct 10, 2019Updated 6 years ago
- Takeover script extracts CNAME record of all subdomains at once. TakeOver saves researcher time and increase the chance of finding subdom…☆101Apr 7, 2023Updated 2 years ago
- yet another dirbuster☆18Jan 14, 2021Updated 5 years ago
- POC for CVE-2018-15685☆42Aug 24, 2018Updated 7 years ago
- Script to automate PUT HTTP method exploitation to get shell☆125Jun 25, 2020Updated 5 years ago
- BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities☆118Dec 23, 2025Updated 3 months ago
- A LinkedIn Scraper☆15Aug 20, 2018Updated 7 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆40Mar 15, 2021Updated 5 years ago
- Tool made to automate tasks of pentesting.☆165Oct 26, 2019Updated 6 years ago
- Powerful Visual Subdomain Enumeration at the Click of a Mouse☆137Jun 6, 2019Updated 6 years ago
- ☆182Feb 21, 2022Updated 4 years ago
- Binary String Toolkit (BST). Quickly and easily convert binary strings for all your exploit development needs.☆23Jul 27, 2018Updated 7 years ago
- CVE-2017-9506 - SSRF☆190Feb 14, 2022Updated 4 years ago
- XSS explot kit/Blind XSS framework/BurpSuite extension☆49Jun 12, 2020Updated 5 years ago
- Script for monitoring changes in javascript files on WebApps for offensive reconnaissance.☆28Aug 4, 2021Updated 4 years ago
- SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over…☆383Aug 17, 2018Updated 7 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Network share sniffer and auto-mounter for crawling remote file systems☆213Mar 27, 2022Updated 3 years ago
- ☆12Dec 26, 2022Updated 3 years ago
- This script is intended to automate your reconnaissance process in an organized fashion☆39Aug 5, 2019Updated 6 years ago
- Nmap - the Network Mapper. Github mirror of official SVN repository.☆15Sep 25, 2019Updated 6 years ago
- Metateta Automated Tool For Scanning And Exploiting Network Protocols Using Metasploit☆84Jul 2, 2018Updated 7 years ago
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆471Nov 14, 2019Updated 6 years ago
- Test a network's egress controls with various levels of success and failure.☆105May 1, 2022Updated 3 years ago
- Python script for trying default passwords for some TP-Link Hotspots☆35Apr 29, 2021Updated 4 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Feb 21, 2020Updated 6 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Just a silly recon tool that uses data from SSL Certificates to find potential host names☆29Feb 17, 2026Updated last month
- A webshell framework for penetration testers.☆300Aug 10, 2025Updated 7 months ago
- Screenshot Shenanigans☆26Nov 20, 2017Updated 8 years ago
- Check Domain Fronting (chkdfront) - It checks if your domain fronting is working☆44Jun 26, 2021Updated 4 years ago
- Simple XXE test suite generated specifically for SAML interfaces☆23May 18, 2018Updated 7 years ago
- Proof-of-concept CORS exploitation tool.☆35Sep 7, 2019Updated 6 years ago
- Burp Suite extension for parsing Swagger web service definition files☆19Jul 15, 2025Updated 8 months ago