Alternatives and similar repositories for xss-to-rce

Users that are interested in xss-to-rce are comparing it to the libraries listed below

• PortSwigger / serialization-examples
  ☆39Updated last year
• aniqfakhrul / lazyParam
  A simple automation tool to detect lfi, rce and ssti vulnerability
  ☆55Updated 3 years ago
• kleiton0x00 / CRLF-one-liner
  A simple Bash one liner with aim to automate CRLF vulnerability scanning.
  ☆69Updated 4 years ago
• ExpLangcn / agartha
  a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …
  ☆49Updated 3 years ago
• dn9uy3n / Check-WP-CVE-2020-35489
  The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489
  ☆30Updated last year
• hussein98d / LFI-files
  Wordlist to bruteforce for LFI
  ☆123Updated 5 years ago
• duckstroms / xss-reflector
  XSS reflector vulnerabilities exploitation extended.
  ☆27Updated 3 years ago
• emadshanab / Huge_DIR_wordlist
  ☆48Updated 4 years ago
• ShutdownRepo / httpmethods
  HTTP verb tampering & methods enumeration
  ☆58Updated 3 years ago
• 0xAkashsky / sub-scout
  Simple bash Script to automate initial recon using (httpx, puredns, regulator, wayback, katana, aquatone)
  ☆34Updated last month
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆62Updated last year
• carlospolop / Pastos
  ☆55Updated 2 years ago
• emadshanab / 971-MB-content_discovery_wordlist
  Collection of content discovery wordlists in one wordlist.
  ☆38Updated 3 years ago
• yavolo / Web-CTF-Cheatsheet
  Web CTF CheatSheet 🐈
  ☆34Updated 6 years ago
• kh4sh3i / ElasticSearch-Pentesting
  ElasticSearch exploit and Pentesting guide for penetration tester
  ☆27Updated 2 years ago
• JavierOlmedo / UltimateCMSWordlists
  📚 An ultimate collection wordlists of the best-known CMS
  ☆89Updated 11 months ago
• incogbyte / quickpress
  Small tool to automate SSRF wordpress and XMLRPC finder
  ☆81Updated 2 years ago
• gnothiseautonlw / burp-shell-fwd-lfi
  A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration
  ☆79Updated 4 years ago
• bot8080 / awesomeBugbounty
  ☆48Updated 4 years ago
• VitthalS / ivna
  Intentionally Vulnerable Nodejs Application & APIs
  ☆22Updated 3 years ago
• w4fz5uck5 / Pentest-notes
  Pentest stuff
  ☆49Updated last year
• dalbonip / theGreatRecon
  ☆28Updated 10 months ago
• kleiton0x00 / HTTP-Smuggling-Calculator
  Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.
  ☆71Updated 3 years ago
• GoSecure / request-smuggling-workshop
  ☆25Updated 2 years ago
• riramar / DesyncCL0
  A simple tool to detect vulnerabilities described here https://portswigger.net/research/browser-powered-desync-attacks.
  ☆36Updated 2 years ago
• OdinF13 / Bug-Bounty-Scripts
  Script for Bug Bounty
  ☆28Updated 3 years ago
• h1pmnh / sqli-dojo-docker
  A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment
  ☆44Updated 11 months ago
• rayhan0x01 / nodejs-websocket-sqli
  A simple NodeJS WebSocket WebApp vulnerable to blind SQL injection
  ☆70Updated 4 years ago
• 0xVIC / CheatSheets
  Cheat sheet
  ☆38Updated 5 years ago
• EasyRecon / wappaGo
  ☆56Updated last year