template-injection-workshopWorkshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.
Stars: ✭ 99 (-88.04%)
XSS-CheatsheetXSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/
Stars: ✭ 26 (-96.86%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (-50%)
MissedITFully Featured hack Always Free As Feedom
Stars: ✭ 30 (-96.38%)
NetbareNet packets capture & injection library designed for Android
Stars: ✭ 716 (-13.53%)
SilentXMRMinerA Silent (Hidden) Monero (XMR) Miner Builder
Stars: ✭ 417 (-49.64%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-87.08%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-29.59%)
gulp-inject-partialsA recursive injection of partials based on their path name. Implementation of specific case of gulp-inject.
Stars: ✭ 26 (-96.86%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-98.31%)
Dalfox🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Stars: ✭ 791 (-4.47%)
nosqlilabA lab for playing with NoSQL Injection
Stars: ✭ 90 (-89.13%)
Process Inject在Windows环境下的进程注入方法:远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入
Stars: ✭ 395 (-52.29%)
gDorksVulnerable website scraper
Stars: ✭ 25 (-96.98%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+650.97%)
ProxyboundLinux applications proxifier
Stars: ✭ 81 (-90.22%)
XsserFrom XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Stars: ✭ 381 (-53.99%)
giuliusTools for loading file-based configuration files and mapping them with Guice's ``@Named`` and more
Stars: ✭ 18 (-97.83%)
AtlasQuick SQLMap Tamper Suggester
Stars: ✭ 679 (-18%)
NbInjectionPoC for inject zygote process by replacing system native bridge support
Stars: ✭ 70 (-91.55%)
NoscriptThe popular NoScript Security Suite browser extension.
Stars: ✭ 366 (-55.8%)
DomainkerBugBounty Tool
Stars: ✭ 40 (-95.17%)
Injdrvproof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
Stars: ✭ 541 (-34.66%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-89.86%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (-56.88%)
logmapLog4j jndi injection fuzz tool
Stars: ✭ 60 (-92.75%)
AtscanAdvanced dork Search & Mass Exploit Scanner
Stars: ✭ 817 (-1.33%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (-58.57%)
safe-markedMarkdown to HTML using marked and DOMPurify. Safe by default.
Stars: ✭ 31 (-96.26%)
AviatorAntivirus evasion project
Stars: ✭ 529 (-36.11%)
security-wrapper对springSecurity进行二次开发,提供OAuth2授权(支持跨域名,多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定,解绑)、加密通信等一系列安全场景的解决方案
Stars: ✭ 21 (-97.46%)
AwesomexssAwesome XSS stuff
Stars: ✭ 3,664 (+342.51%)
SqlinjectionwikiA wiki focusing on aggregating and documenting various SQL injection methods
Stars: ✭ 623 (-24.76%)
TiEtwAgentPoC memory injection detection agent based on ETW, for offensive and defensive research purposes
Stars: ✭ 135 (-83.7%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (-60.02%)
injectA simple Kotlin multi-platform abstraction around the javax.inject annotations.
Stars: ✭ 42 (-94.93%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (-38.89%)
MsfManiaPython AV Evasion Tools
Stars: ✭ 388 (-53.14%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-62.56%)
ngx http html sanitize moduleIt's a nginx http module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS property
Stars: ✭ 14 (-98.31%)
Mono.Cecil.InjectAn extension to Mono.Cecil that provides helper methods for simple method injection.
Stars: ✭ 65 (-92.15%)
tsdiDependency Injection container (IoC) for TypeScript
Stars: ✭ 50 (-93.96%)
JavacodeauditGetting started with java code auditing 代码审计入门的小项目
Stars: ✭ 289 (-65.1%)
html-sanitizerHTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.
Stars: ✭ 18 (-97.83%)
InjectifyPerform advanced MiTM attacks on websites with ease 💉
Stars: ✭ 612 (-26.09%)
ArachniWeb Application Security Scanner Framework
Stars: ✭ 2,942 (+255.31%)
Penetration testing poc渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Stars: ✭ 3,858 (+365.94%)
KoinKoin - a pragmatic lightweight dependency injection framework for Kotlin
Stars: ✭ 7,142 (+762.56%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (-3.86%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (-26.81%)