terjanq / Tiny-XSS-PayloadsLinks
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
β2,199Updated 9 months ago
Alternatives and similar repositories for Tiny-XSS-Payloads
Users that are interested in Tiny-XSS-Payloads are comparing it to the libraries listed below
Sorting:
- List of XSS Vectors/Payloadsβ1,324Updated 8 months ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§β1,791Updated last year
- A collection of awesome one-liner scripts especially for bug bounty tips.β2,933Updated last year
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,011Updated last year
- BBT - Bug Bounty Tools (examplesπ‘)β1,842Updated last year
- Rockyou for web fuzzingβ2,892Updated 3 weeks ago
- XSS payloads designed to turn alert(1) into P1β1,377Updated 2 years ago
- A Python program to scrape secrets from GitHub through usage of a large repository of dorks.β2,434Updated last year
- Contextual Content Discovery Toolβ2,953Updated last year
- CORS Misconfiguration Scannerβ1,465Updated 3 years ago
- Automated & Manual Wordlists provided by Assetnoteβ1,527Updated 3 weeks ago
- Payload Arsenal for Pentration Tester and Bug Bounty Huntersβ911Updated 2 years ago
- A collection of custom security tools for quick needs.β3,243Updated 2 years ago
- The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, fβ¦β4,285Updated 11 months ago
- A curated list of amazingly awesome Burp Extensionsβ3,282Updated 7 months ago
- ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.β2,123Updated last month
- Automatic SSRF fuzzer and exploitation toolβ3,333Updated 2 weeks ago
- Notes about attacking Jenkins serversβ2,079Updated last year
- β1,776Updated 3 months ago
- A fast tool to scan CRLF vulnerability written in Goβ1,471Updated last week
- This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single locationβ1,323Updated 4 years ago
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)β1,547Updated last year
- Prototype Pollution and useful Script Gadgetsβ1,524Updated last year
- π― XML External Entity (XXE) Injection Payload Listβ1,205Updated last year
- This challenge is Inon Shkedy's 31 days API Security Tips.β2,217Updated 3 years ago
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.β1,213Updated last year
- A python script that finds endpoints in JavaScript filesβ4,116Updated last year
- This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for β¦β3,464Updated this week
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,212Updated last year
- 40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...β1,750Updated 2 years ago