wisec / domxsswiki

Related projects ⓘ

Alternatives and complementary repositories for domxsswiki

• nahamsec / JSParser
  ☆787Updated 11 months ago
• filedescriptor / untrusted-types
  ☆654Updated 2 years ago
• cujanovic / Open-Redirect-Payloads
  Open Redirect Payloads
  ☆583Updated 3 weeks ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆511Updated last year
• PortSwigger / backslash-powered-scanner
  Finds unknown classes of injection vulnerabilities
  ☆636Updated last year
• fransr / bountyplz
  Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
  ☆443Updated 5 years ago
• appsecco / the-art-of-subdomain-enumeration
  This repository contains all the supplement material for the book "The art of sub-domain enumeration"
  ☆639Updated 5 years ago
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆308Updated last year
• pentester-io / commonspeak
  Content discovery wordlists generated using BigQuery
  ☆557Updated 4 years ago
• ZephrFish / BugBountyTemplates
  A collection of templates for bug bounty reporting
  ☆378Updated 3 years ago
• s0md3v / MyPapers
  Repository for hosting my research papers
  ☆502Updated 6 months ago
• PortSwigger / xss-cheatsheet-data
  This repository contains all the XSS cheatsheet data to allow contributions from the community.
  ☆403Updated this week
• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆530Updated 2 years ago
• nahamsec / recon_profile
  ☆418Updated last year
• incredibleindishell / SSRF_Vulnerable_Lab
  This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
  ☆668Updated last year
• nahamsec / lazys3
  ☆531Updated 9 months ago
• msrkp / PPScan
  Client Side Prototype Pollution Scanner
  ☆511Updated 2 years ago
• fransr / postMessage-tracker
  A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon
  ☆1,054Updated 9 months ago
• TheHackerDev / race-the-web
  Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
  ☆588Updated 2 years ago
• assetnote / commonspeak2
  Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists
  ☆694Updated last year
• jdonsec / AllThingsSSRF
  This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
  ☆1,221Updated 3 years ago
• gwen001 / BB-datas
  Tools and datas related to Bug Bounty.
  ☆229Updated 2 years ago
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆524Updated 6 years ago
• random-robbie / keywords
  ☆353Updated 2 years ago
• teknogeek / ssrf-sheriff
  A simple SSRF-testing sheriff written in Go
  ☆315Updated last week
• jobertabma / relative-url-extractor
  A small tool that extracts relative URLs from a file.
  ☆730Updated 4 years ago
• zigoo0 / JSONBee
  A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
  ☆667Updated 6 months ago
• PortSwigger / upload-scanner
  HTTP file upload scanner for Burp Proxy
  ☆397Updated last year
• daeken / SSRFTest
  SSRF testing tool
  ☆241Updated last year
• jbarone / xxelab
  A simple web app with a XXE vulnerability.
  ☆224Updated 2 years ago