sysmustang / csp-stealerView external linksLinks
Tool to retrieve web-page secrets and bypass Content Security Policy
☆51Jul 7, 2024Updated last year
Alternatives and similar repositories for csp-stealer
Users that are interested in csp-stealer are comparing it to the libraries listed below
Sorting:
- OSCP Cheat Sheet☆18Dec 17, 2023Updated 2 years ago
- WHY?☆18Sep 4, 2016Updated 9 years ago
- Havij based SQL Injection Tool. It's a SqlMap GUI version.☆17Feb 3, 2026Updated last week
- ☆13May 12, 2019Updated 6 years ago
- Chrome Extension for XSS Hunter Payloads☆41Sep 7, 2016Updated 9 years ago
- This Repo consists writeups of HackTheBox machines that I've solved while preparing for OSCP.☆12May 29, 2024Updated last year
- Obsidian vault with writeups for HackTheBox/Proving Grounds boxes and cheatsheets for CPTS/OSCP preparation.☆37Sep 8, 2025Updated 5 months ago
- XSSHunter written in Go with more notifications and features☆55Updated this week
- Tools for passing OSCP☆38Nov 21, 2025Updated 2 months ago
- Alternative to XSS Hunter for blind XSS.☆50Dec 8, 2022Updated 3 years ago
- simple http(s) proxy with python based sqlmapapi wrapper☆10Jul 20, 2015Updated 10 years ago
- burpsuite extension☆14Feb 1, 2023Updated 3 years ago
- Scripts, files, cheatsheets and more used for pentesting and my OSWE / AWAE exam.☆103Jan 30, 2026Updated 2 weeks ago
- Automatic SQL injection and database takeover tool.☆17Oct 22, 2017Updated 8 years ago
- XSS Hunter correlated injection API guide☆21Mar 24, 2016Updated 9 years ago
- List of periodically validated public DNS resolvers☆25Updated this week
- My shell tools & scripts☆22Nov 18, 2020Updated 5 years ago
- A collection of Burp Suite extensions☆30Jun 16, 2016Updated 9 years ago
- XPT - XSS Polyglot Tester☆36Mar 15, 2019Updated 6 years ago
- The fastest way to setup XSSHunter. It has options for the official and Discord/Slack Forks☆45Mar 2, 2024Updated last year
- it's quite self explanatory: a crawler with sqlmap☆13Jul 13, 2017Updated 8 years ago
- Simple utility to add a stream of DNS queries for random domains to obfuscate traffic patterns.☆11Oct 18, 2023Updated 2 years ago
- ☆10Apr 12, 2019Updated 6 years ago
- A script written in python3 to spread blind cross-site scripting payloads on HTTP requests headers☆10Oct 2, 2022Updated 3 years ago
- Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …☆24Jun 11, 2025Updated 8 months ago
- Repository for "Exploiting smart contract vulnerabilities" bachelor thesis at School of Electrical Engineering, University of Belgrade. P…☆10Sep 10, 2023Updated 2 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 4 years ago
- Burp Suite AMF Extension☆48Sep 24, 2018Updated 7 years ago
- Shellcode Loader | xss.is☆13Jul 26, 2024Updated last year
- tool that generates bypasses for open redirects☆51Apr 18, 2022Updated 3 years ago
- Training for SQL injections☆36Feb 3, 2019Updated 7 years ago
- PIA Port forwarding scripts☆10Mar 26, 2019Updated 6 years ago
- A curated list of awesome appsec tools available on Ubuntu 🗄️☆12Mar 4, 2024Updated last year
- Notes for red teamers - from cloud to Active Directory to many things in between.☆62Jan 7, 2026Updated last month
- Fast and lightweight Web Application Firewall Fingerprinting tool☆64Dec 21, 2024Updated last year
- Buggyapp is an vulnerable android application. This app can be used by pentesters, security researchers to practice Android application p…☆13Jun 4, 2022Updated 3 years ago
- Patch to make NGINX support HTTP/2 and SPDY simultaneously☆11Mar 22, 2017Updated 8 years ago
- UUID issues for Burp Suite☆53Jun 2, 2022Updated 3 years ago
- OSCP preparation tools, scripts and cheatsheets☆60Dec 19, 2022Updated 3 years ago