Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+169.57%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+747.83%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+187.83%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+2175.65%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (-8.7%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-1.74%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-26.96%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+788.7%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+746.96%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+155.65%)
EagleMultithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities
Stars: ✭ 85 (-26.09%)
ResourcesNo description or website provided.
Stars: ✭ 38 (-66.96%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+671.3%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (+3.48%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+406.96%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (+587.83%)
S3reverseThe format of various s3 buckets is convert in one format. for bugbounty and security testing.
Stars: ✭ 61 (-46.96%)
S3scannerScan for open AWS S3 buckets and dump the contents
Stars: ✭ 1,319 (+1046.96%)
Rfd CheckerRFD Checker - security CLI tool to test Reflected File Download issues
Stars: ✭ 56 (-51.3%)
JaelesThe Swiss Army knife for automated Web Application Testing
Stars: ✭ 1,073 (+833.04%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+1106.09%)
Pentest GuidePenetration tests guide based on OWASP including test cases, resources and examples.
Stars: ✭ 1,316 (+1044.35%)
Pentesting BibleLearn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+7709.57%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-46.09%)
ZileExtract API keys from file or url using by magic of python and regex.
Stars: ✭ 61 (-46.96%)
UddupUrls de-duplication tool for better recon.
Stars: ✭ 103 (-10.43%)
Differerdifferer finds how URLs are parsed by different languages in order to help bug hunters break filters
Stars: ✭ 56 (-51.3%)
Aws ScannerScans a list of websites for Cloudfront or S3 Buckets
Stars: ✭ 93 (-19.13%)
Pythempentest framework
Stars: ✭ 1,060 (+821.74%)
Crlf Injection ScannerCommand line tool for testing CRLF injection on a list of domains.
Stars: ✭ 91 (-20.87%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-58.26%)
HaliveA fast http and https prober, to check which URLs are alive
Stars: ✭ 47 (-59.13%)
Nuclei TemplatesCommunity curated list of templates for the nuclei engine to find security vulnerabilities.
Stars: ✭ 1,354 (+1077.39%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+8440.87%)
Bug Bounty ResponsesA collection of response templates for invalid bug bounty reports.
Stars: ✭ 46 (-60%)
AcamarA Python3 based single-file subdomain enumerator
Stars: ✭ 89 (-22.61%)
DrishtiA fast HTTP Response status checker implemented in Python3
Stars: ✭ 46 (-60%)
BurpbountyBurp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Stars: ✭ 1,026 (+792.17%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-0.87%)
DekstereconWeb Application recon automation
Stars: ✭ 109 (-5.22%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+1086.09%)
CspGiven a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.
Stars: ✭ 89 (-22.61%)
AwsbucketdumpSecurity Tool to Look For Interesting Files in S3 Buckets
Stars: ✭ 1,021 (+787.83%)
Legal Bug Bounty#legalbugbounty project — creating safe harbors on bug bounty programs and vulnerability disclosure programs. Authored by Amit Elazari.
Stars: ✭ 42 (-63.48%)
ArlARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Stars: ✭ 1,357 (+1080%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-24.35%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-67.83%)
BrutexAutomatically brute force all services running on a target.
Stars: ✭ 974 (+746.96%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (-8.7%)