xsscx/fuzz external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

xsscx/fuzz

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/xsscx/fuzz)

Close

xsscx / fuzzView on GitHubMore

• External links
• Readme badge

Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT

☆406Mar 19, 2026Updated this week

Alternatives and similar repositories for fuzz

Users that are interested in fuzz are comparing it to the libraries listed below

• maK- / parameth

  View on GitHub
  This tool can be used to brute discover GET and POST parameters
  ☆1,395Aug 24, 2019Updated 6 years ago
• securityidiots / CollabOzark

  View on GitHub
  CollabOzark is a simple tool which helps the researchers track SSRF, RCE, Blind XSS, XXE, External Resource Access payloads triggers.
  ☆136Sep 25, 2019Updated 6 years ago
• RhinoSecurityLabs / SleuthQL

  View on GitHub
  Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
  ☆471Nov 14, 2019Updated 6 years ago
• cujanovic / SSRF-Testing

  View on GitHub
  SSRF (Server Side Request Forgery) testing resources
  ☆2,483Oct 12, 2024Updated last year
• 1N3 / IntruderPayloads

  View on GitHub
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,904Sep 27, 2021Updated 4 years ago
• nccgroup / freddy

  View on GitHub
  Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
  ☆583Sep 7, 2021Updated 4 years ago
• yandex / burp-molly-pack

  View on GitHub
  Security checks pack for Burp Suite
  ☆140Feb 8, 2018Updated 8 years ago
• attackercan / burp-xss-sql-plugin

  View on GitHub
  ☆44Sep 28, 2016Updated 9 years ago
• foospidy / payloads

  View on GitHub
  Git All the Payloads! A collection of web attack payloads.
  ☆3,916May 15, 2023Updated 2 years ago
• arbazkiraak / certasset

  View on GitHub
  Takes ip range, Scan all open SSL Certs, Grab Cnames
  ☆113Sep 23, 2018Updated 7 years ago
• cujanovic / Open-Redirect-Payloads

  View on GitHub
  Open Redirect Payloads
  ☆655Oct 12, 2024Updated last year
• nettitude / xss_payloads

  View on GitHub
  Exploitation for XSS
  ☆729Aug 5, 2021Updated 4 years ago
• BuffaloWill / oxml_xxe

  View on GitHub
  A tool for embedding XXE/XML exploits into different filetypes
  ☆1,135Dec 16, 2024Updated last year
• SpiderMate / B-XSSRF

  View on GitHub
  Toolkit to detect and keep track on Blind XSS, XXE & SSRF
  ☆293Aug 23, 2019Updated 6 years ago
• jobertabma / ground-control

  View on GitHub
  A collection of scripts that run on my web server. Mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.
  ☆549Jun 12, 2017Updated 8 years ago
• nccgroup / BurpSuiteHTTPSmuggler

  View on GitHub
  A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques
  ☆736May 4, 2019Updated 6 years ago
• teknogeek / ssrf-sheriff

  View on GitHub
  A simple SSRF-testing sheriff written in Go
  ☆336Oct 31, 2024Updated last year
• wagiro / BurpBounty

  View on GitHub
  Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…
  ☆1,787Apr 26, 2024Updated last year
• GrrrDog / Java-Deserialization-Cheat-Sheet

  View on GitHub
  The cheat sheet about Java Deserialization vulnerabilities
  ☆3,172May 26, 2023Updated 2 years ago
• ssl / ezXSS

  View on GitHub
  ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
  ☆2,250Jan 8, 2026Updated 2 months ago
• Droidzzzio / EnumerationList

  View on GitHub
  This Repo contains wordlist for subdomain enumeration , php file path, html file path, and js file path
  ☆107Aug 4, 2020Updated 5 years ago
• codingo / VHostScan

  View on GitHub
  A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…
  ☆1,284Aug 18, 2025Updated 7 months ago
• bugcrowd / HUNT

  View on GitHub
  ☆2,319Dec 8, 2023Updated 2 years ago
• whitel1st / docem

  View on GitHub
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆679Jan 28, 2024Updated 2 years ago
• internetwache / CT_subdomains

  View on GitHub
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆349Oct 13, 2021Updated 4 years ago
• j0bin / Pentest-Resources

  View on GitHub
  ☆122Mar 27, 2017Updated 8 years ago
• 0ang3el / EasyCSRF

  View on GitHub
  ☆162Dec 7, 2017Updated 8 years ago
• eur0pa / dirsearch-go

  View on GitHub
  A Go implementation of dirsearch.
  ☆43Mar 10, 2019Updated 7 years ago
• wish-i-was / femida

  View on GitHub
  Automated blind-xss search for Burp Suite
  ☆285Oct 10, 2019Updated 6 years ago
• decal / werdlists

  View on GitHub
  Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases
  ☆362Aug 14, 2024Updated last year
• gradiuscypher / bounty_tools

  View on GitHub
  Various tools for managing bug bounty recon and exploration.
  ☆48Dec 8, 2022Updated 3 years ago
• orangetw / Tiny-URL-Fuzzer

  View on GitHub
  A tiny and cute URL fuzzer
  ☆402Nov 10, 2022Updated 3 years ago
• gwen001 / pentest-tools

  View on GitHub
  A collection of custom security tools for quick needs.
  ☆3,286May 1, 2023Updated 2 years ago
• glem0 / goGetBucket

  View on GitHub
  A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.
  ☆116Mar 29, 2019Updated 6 years ago
• Leoid / MatchandReplace

  View on GitHub
  Match and Replace script used to automatically generate JSON option file to BurpSuite
  ☆215May 13, 2019Updated 6 years ago
• cujanovic / Content-Bruteforcing-Wordlist

  View on GitHub
  Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
  ☆217Oct 12, 2024Updated last year
• masatokinugawa / filterbypass

  View on GitHub
  Browser's XSS Filter Bypass Cheat Sheet
  ☆1,152May 6, 2017Updated 8 years ago
• righettod / virtualhost-payload-generator

  View on GitHub
  BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…
  ☆60Oct 8, 2017Updated 8 years ago
• Ice3man543 / SubOver

  View on GitHub
  A Powerful Subdomain Takeover Tool
  ☆962Oct 17, 2023Updated 2 years ago