650 Open source projects that are alternatives of or similar to Quickxss

Cross-site scripting labs for web application security enthusiasts

A tool to check a bunch of URLs that contain reflecting params.

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

Top disclosed reports from HackerOne

Toolset for detecting reflected xss in websites

XSS Payload without Anything.

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Reconky is an great Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

A big list of Android Hackerone disclosed reports and other resources.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Powerfull XSS Scanning and Parameter analysis tool&gem

A fast DOM based XSS vulnerability scanner with simplicity.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

XSS in pastebin.com and reddit.com via unsanitized markdown output

A replacement of "qsreplace", accepts URLs as standard input, replaces all query string values with user-supplied values and stdout.

An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

Hacking tools

No description or website provided.

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

Bash library which provides utility functions and helpers for functional programming in Bash.

Sort GNOME apps dashboard by category.

Urls de-duplication tool for better recon.

Collection of Facebook Bug Bounty Writeups

Command line tool for testing CRLF injection on a list of domains.

Collection of quality safety articles. Awesome articles.

Most advanced XSS scanner.

A Python3 based single-file subdomain enumerator

Transparent proxy through Tor for Arch Linux OS

Given a list of hosts, this small utility fetches all whitelisted domains from the hosts' CSPs.

Random Tools for Bug Bounty

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

GPG symmetric password manager

Community curated list of templates for the nuclei engine to find security vulnerabilities.

The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.

Bash Script for downloading content from PornHub (the easy way)

Awesome tmux-based terminal divider

Simple shopping cart web app made using Spring Boot + Thymeleaf

bug bounty hunters starter notes

Web Application recon automation

A container repository for my public web hacks!

Simple and efficient way to show information about Memcache.

i3lock script that takes a screenshot of the desktop, blurs the background and adds a lock icon and text

ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产，构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产，发现存在的薄弱点和攻击面。

A simple shell utility for encrypting and decrypting files using OpenSSL.

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Script to undervolt Intel CPUs

A short shell script that returns you your IPv4 address and its geolocation.

A curated list of various bug bounty tools

A suite of tools to help manage your media collection.

Helper scripts for GitHub Enterprise admins

Secret and/ credential patterns used for gf.

A simple git commit checker

Subdomain Takeover tool written in Go

A wget script that makes pillaging websites much easier.