terjanq / Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
☆2,062Updated 3 months ago
Alternatives and similar repositories for Tiny-XSS-Payloads:
Users that are interested in Tiny-XSS-Payloads are comparing it to the libraries listed below
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, f…☆4,162Updated 5 months ago
- A curated list of amazingly awesome Burp Extensions☆3,105Updated last month
- List of XSS Vectors/Payloads☆1,221Updated 2 months ago
- Awesome XSS stuff☆4,872Updated 4 months ago
- Rockyou for web fuzzing☆2,740Updated last month
- XSS payloads designed to turn alert(1) into P1☆1,347Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3☆1,929Updated last year
- A collection of awesome one-liner scripts especially for bug bounty tips.☆2,803Updated 7 months ago
- A python script that finds endpoints in JavaScript files☆3,870Updated 11 months ago
- Automatic SSRF fuzzer and exploitation tool☆3,126Updated last month
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙☆1,742Updated 9 months ago
- Reverse proxies cheatsheet☆1,803Updated last year
- Fetch all the URLs that the Wayback Machine knows about for a domain☆3,794Updated 10 months ago
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing☆2,669Updated 9 months ago
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for …☆3,269Updated this week
- BBT - Bug Bounty Tools (examples💡)☆1,779Updated 11 months ago
- Contextual Content Discovery Tool☆2,777Updated 11 months ago
- Automated & Manual Wordlists provided by Assetnote☆1,401Updated 7 months ago
- Notes about attacking Jenkins servers☆2,038Updated 8 months ago
- An OOB interaction gathering server and client library☆3,655Updated this week
- The Swiss Army knife for automated Web Application Testing☆2,210Updated 10 months ago
- Prototype Pollution and useful Script Gadgets☆1,465Updated last year
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,123Updated last year
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,075Updated this week
- HTTP parameter discovery suite.☆5,528Updated last month
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,083Updated last month
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.☆5,394Updated 7 months ago
- Take a list of domains and probe for working HTTP and HTTPS servers☆2,967Updated 9 months ago
- Find domains and subdomains related to a given domain☆3,200Updated 9 months ago
- CORS Misconfiguration Scanner☆1,394Updated 2 years ago