xhzeem / reflxssView external linksLinks
A basic tool to check for XSS vulnerabilities. It takes a list of URLs and checks if the parameter values appear in the response.
☆30Jul 30, 2024Updated last year
Alternatives and similar repositories for reflxss
Users that are interested in reflxss are comparing it to the libraries listed below
Sorting:
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆149Feb 21, 2024Updated last year
- 🐚ᴠʟᴀɴɢ ʀᴇᴠᴇʀsᴇ sʜᴇʟʟ🐚☆11Apr 28, 2022Updated 3 years ago
- SSH & FTP brute-forcing tool written in python☆11Oct 2, 2024Updated last year
- HackerOne Notifier is an automated bot that monitors new programs launched on HackerOne and sends Telegram Bot notifications whenever a n…☆22Nov 4, 2025Updated 3 months ago
- 一个用于修改右键插件菜单层级的Burpsuite插件。A simple BurpSuite extension to change extension context menu level.☆14Jan 15, 2024Updated 2 years ago
- Subdomains scanner Spider☆13Feb 29, 2024Updated last year
- SNMP Bash Script to discover valid community strings, dump basic information, check for write permission and check for RCE.☆11Apr 27, 2024Updated last year
- Here we are gather all Nuclei Templates that are Publically available.☆15Apr 28, 2024Updated last year
- collect robots.txt endpoint for allowed and disallowed endpoints from a list of subdomains☆14Jan 23, 2023Updated 3 years ago
- A tool to enumerate and download files from the System Center Configuration Manager (SCCM) SMB share (SCCMContentLib)☆16Jul 27, 2024Updated last year
- Vulnerability scanner for Spring4Shell (CVE-2022-22965)☆12Apr 7, 2022Updated 3 years ago
- A tool for extract Endpoints, URLs and Secrets from contents☆67Feb 2, 2026Updated 2 weeks ago
- Another vulnerability scanner☆18Aug 9, 2025Updated 6 months ago
- Your favourite chest/terminal bursting buddy!☆17Nov 27, 2021Updated 4 years ago
- CVE-2023-22621: SSTI to RCE by Exploiting Email Templates affecting Strapi Versions <=4.5.5☆24Apr 25, 2023Updated 2 years ago
- This Burp extension extracts various data (path, parameter keys, parameter values, subdomains, etc.) from the sitemap. This data is used …☆43Sep 9, 2021Updated 4 years ago
- A simple command line tool designed to explore the mechanics of dictionary attacks on the FTP protocol.☆19Jun 16, 2021Updated 4 years ago
- This script automates SQL injection testing using SQLMap with AI-powered decision making.☆29Jun 13, 2025Updated 8 months ago
- BountyDrive is a comprehensive tool designed for penetration testers and cybersecurity researchers. It integrates various modules for per…☆19Jul 15, 2024Updated last year
- 弱密码扫描工具,支持9种软件/Web弱密码扫描,分别是:ssh、postgresql、Redis、MySQL、mongoDB、FTP、sqlserver(mssql)、Dahua(大华)、hikvision(海康威视)☆17Sep 6, 2023Updated 2 years ago
- Welcome to the 403 and 401 Bypass Techniques and Bug Bounty Tips repository! This repo is a collection of methods and strategies to bypas…☆19Dec 26, 2024Updated last year
- ☆30Sep 9, 2025Updated 5 months ago
- ☆47Sep 20, 2024Updated last year
- ScrapeAW is a framework that without API scrape IPs across the world using Shodan☆11May 16, 2024Updated last year
- undust is a URL pattern generator that helps uncover archived, backup, and temporary files left behind on web servers. Given a URL, it ge…☆52Jul 17, 2025Updated 7 months ago
- Kumpulan virtex WhatsApp☆30Aug 17, 2020Updated 5 years ago
- ☆32Updated this week
- Golang tool which helps dropping the irrelevant entries from your ffuf result file.☆141Sep 16, 2024Updated last year
- Scripts to set up your own Android 📱 app hacking lab☆98Jul 12, 2024Updated last year
- This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…☆25Apr 19, 2022Updated 3 years ago
- script python to check url list via cookies and Authorization☆19Feb 28, 2023Updated 2 years ago
- The second version of SQL Hunter. SQLi Hunter is a URL (Blind) SQL injection checker for multiple pages.☆93Mar 4, 2023Updated 2 years ago
- Nuclei template and information about the POC for CVE-2024-25600☆31Feb 21, 2024Updated last year
- ☆38May 4, 2025Updated 9 months ago
- ☆20Apr 5, 2023Updated 2 years ago
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆91Jan 21, 2026Updated 3 weeks ago
- A user enumeration tool for Slack.☆35Jun 10, 2024Updated last year
- Filter URLs to save your time.☆60Jul 29, 2022Updated 3 years ago
- ☆28Jan 6, 2024Updated 2 years ago