Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (-28.58%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (-72.11%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (-78.28%)
safe-svgSimple and lightweight library that helps to validate SVG files in security manners.
Stars: ✭ 25 (-99.32%)
SQL-XSSA few SQL and XSS attack tools
Stars: ✭ 29 (-99.21%)
Foxss-XSS-Penetration-Testing-ToolFoxss is a simple php based penetration Testing Tool.Currently it will help to find XSS vulnerability in websites.
Stars: ✭ 35 (-99.04%)
APSoft-Web-Scanner-v2Powerful dork searcher and vulnerability scanner for windows platform
Stars: ✭ 96 (-97.38%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+168.07%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (-21.89%)
rop-benchmarkROP Benchmark is a tool to compare ROP compilers
Stars: ✭ 23 (-99.37%)
xss-chefA web application for generating custom XSS payloads
Stars: ✭ 70 (-98.09%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-88.51%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-97.71%)
WriteupsThis repository contains writeups for various CTFs I've participated in (Including Hack The Box).
Stars: ✭ 61 (-98.34%)
payloadPSR-15 middleware to parse the body of the request with support for json, csv and url-encode
Stars: ✭ 30 (-99.18%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-92.11%)
safe-markedMarkdown to HTML using marked and DOMPurify. Safe by default.
Stars: ✭ 31 (-99.15%)
security-wrapper对springSecurity进行二次开发,提供OAuth2授权(支持跨域名,多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定,解绑)、加密通信等一系列安全场景的解决方案
Stars: ✭ 21 (-99.43%)
ttt-extChrome extension to aid in finding DOMXSS by simple taint analysis of string values.
Stars: ✭ 81 (-97.79%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+5.29%)
litewafLightweight In-App Web Application Firewall for PHP
Stars: ✭ 32 (-99.13%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-97.95%)
CamRaptorCamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
Stars: ✭ 106 (-97.11%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (-90.58%)
NachtWalReinforced Mitigation Security Filter
Stars: ✭ 17 (-99.54%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-97.68%)
certexfilExfiltration based on custom X509 certificates
Stars: ✭ 18 (-99.51%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (-91.81%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-99.29%)
Loki.RatLoki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
Stars: ✭ 63 (-98.28%)
pix-payload-generator.netGerar payload para qrcode estático PIX. (Sistema de pagamento instantâneo do Brasil) Sem a necessidade de conexão com um PSP.
Stars: ✭ 23 (-99.37%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-91.54%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-97.08%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (-19.71%)
wasecExamples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
Stars: ✭ 74 (-97.98%)
flow-stateUI state management with RxJS.
Stars: ✭ 33 (-99.1%)
Vuejs Serverside Template XssDemo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
Stars: ✭ 278 (-92.41%)
WinRAT(Windows/Linux/Mac) Remote Administration Tool
Stars: ✭ 35 (-99.04%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-99.62%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-90.97%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-99.13%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-98.96%)
ngx http html sanitize moduleIt's a nginx http module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS property
Stars: ✭ 14 (-99.62%)
pakkeroPakkero is a binary packer written in Go made for fun and educational purpose. Its main goal is to take in input a program file (elf binary, script, even appimage) and compress it, protect it from tampering and intrusion.
Stars: ✭ 143 (-96.1%)
html-sanitizerHTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
Stars: ✭ 18 (-99.51%)
ng-dompurifyInclusive Angular API for DOMPurify
Stars: ✭ 65 (-98.23%)
sns-sqs-big-payloadAmazon SNS/SQS client library that enables sending and receiving messages with payload larger than 256KiB via Amazon S3.
Stars: ✭ 40 (-98.91%)
Application Security Engineer Interview QuestionsSome of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Stars: ✭ 267 (-92.71%)
persistent-clientside-xssExploit generator and Taint Engine to find persistent (and reflected) client-side XSS
Stars: ✭ 19 (-99.48%)
Defeat-Defender-V1.2Powerful batch script to dismantle complete windows defender protection and even bypass tamper protection ..Disable Windows-Defender Permanently....Hack windows. POC
Stars: ✭ 885 (-75.85%)
Horus-EyeJust Simple Code To Play With Android Payloads (;
Stars: ✭ 54 (-98.53%)