QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-50.87%)
DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+3455.22%)
BbreconPython library and CLI for the Bug Bounty Recon API
Stars: ✭ 169 (-26.52%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+260%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-50%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+246.09%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (-16.96%)
Xss PayloadsList of advanced XSS payloads
Stars: ✭ 696 (+202.61%)
MinesweeperA Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-29.57%)
Latte☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.
Stars: ✭ 616 (+167.83%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (-55.22%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+163.48%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-7.83%)
Corscanner Fast CORS misconfiguration vulnerabilities scanner🍻
Stars: ✭ 601 (+161.3%)
GowaptGo Web Application Penetration Test
Stars: ✭ 300 (+30.43%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+153.48%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+723.91%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+2603.48%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (-58.7%)
Lighthouse SecurityRuns the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (-17.39%)
C4Open IP cameras in IPv4
Stars: ✭ 123 (-46.52%)
Prestashop Cve 2018 19126PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-83.91%)
Githacker🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (+127.83%)
Csp BuilderBuild Content-Security-Policy headers from a JSON file (or build them programmatically)
Stars: ✭ 496 (+115.65%)
Cs253.stanford.eduCS 253 Web Security course at Stanford University
Stars: ✭ 155 (-32.61%)
Webappsec Trusted TypesA browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Stars: ✭ 424 (+84.35%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (-6.52%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+80%)
Pentesting toolkit🏴☠️ Tools for pentesting, CTFs & wargames. 🏴☠️
Stars: ✭ 1,268 (+451.3%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+828.26%)
ProtectProactively protect your Node.js web services
Stars: ✭ 394 (+71.3%)
XsserFrom XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Stars: ✭ 381 (+65.65%)
DomxssscannerDOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (-21.3%)
NoscriptThe popular NoScript Security Suite browser extension.
Stars: ✭ 366 (+59.13%)
Mobile Security Framework MobsfMobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+4340%)
TaipanWeb application vulnerability scanner
Stars: ✭ 359 (+56.09%)
Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-37.39%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (+55.22%)
Project TauroA Router WiFi key recovery/cracking tool with a twist.
Stars: ✭ 52 (-77.39%)
Owasp Java EncoderThe OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (+49.13%)
Awesome OcapAwesome Object Capabilities and Capability Security
Stars: ✭ 196 (-14.78%)
AwesomexssAwesome XSS stuff
Stars: ✭ 3,664 (+1493.04%)
Pythempentest framework
Stars: ✭ 1,060 (+360.87%)
BxssbXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+43.91%)
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (-43.04%)
Javaidjava source code static code analysis and danger function identify prog
Stars: ✭ 327 (+42.17%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+344.35%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (+34.78%)
Jwt PwnSecurity Testing Scripts for JWT
Stars: ✭ 170 (-26.09%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-83.91%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (-3.48%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-6.96%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+323.91%)
Bunkerized Nginx🛡️ Make your web services secure by default !
Stars: ✭ 2,361 (+926.52%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-48.26%)