671 Open source projects that are alternatives of or similar to Xss Loader

Git All the Payloads! A collection of web attack payloads.

Powerfull XSS Scanning and Parameter analysis tool&gem

Infection vector that bypasses AV, IDS, and IPS. (For now...)

A list of resources for those interested in getting started in bug bounties

Hacking tools

A container repository for my public web hacks!

Collection of quality safety articles. Awesome articles.

pentest framework

🎯 SQL Injection Payload List

🎯 XML External Entity (XXE) Injection Payload List

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

The all-in-one Red Team extension for Web Pentester 🛠

Source code for Hacker101.com - a free online web and mobile security class.

XSS Payload without Anything.

Web Application Security Scanner Framework

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Audit tool to find common vulnerabilities in PHP source code

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

JSshell - JavaScript reverse/remote shell

An automated e-mail OSINT tool

retrieve information via O365 with a valid cred

👨‍🏫 Mike's Web Security Course

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

List of Awesome Windows Security Resources

Text, samples and website for my 'Effective Shell' series.

Facebook Brute Forcer in shellscript using TOR

New Interface And Loading Screen For Termux Users

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.

Rockyou for web fuzzing

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Tool-X is a kali linux hacking Tool installer. Tool-X developed for termux and other Linux based systems. using Tool-X you can install almost 370+ hacking tools in termux app and other linux based distributions.

Project transferred to: https://github.com/taielab/awesome-hacking-lists

The Serverless Blind XSS App

利用XSS入侵内网(Use XSS automation Invade intranet)

🌲 Aimbot powered by real-time object detection with neural networks, GPU accelerated with Nvidia. Optimized for use with CS:GO.

Code for my 0x00sec.org posts

A tool to fastly get all javascript sources/files

Official Black Hat Arsenal Security Tools Repository

Windows Remote Administration Tool via Telegram. Written in Python

A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing

Keeping Twitter for macOS alive with code injection

Hawkeye filesystem analysis tool

Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.

Hospitality for Hackers

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

Tool designed to help identify incorrectly configured Django applications that are exposing sensitive information.

PandwaRF: RF analysis tool with a sub-1 GHz wireless transceiver controlled by a smartphone or

🎯 RFI/LFI Payload List

ANDRAX The first and unique Penetration Testing platform for Android smartphones

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Plug-and-play bash script for sniffing 802.11 probes requests 👃

The DevSecOps toolset for REST APIs

Advanced and easy to use penetration testing framework 💣🔎

大型内网渗透扫描器&Cobalt Strike，Ladon8.9内置120个模块，包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2，密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem，Poc/Exploit,支持Cobalt Strike 3.X-4.0

Metasploit custom modules, plugins, resource script and.. awesome metasploit collection

Java web and command line applications demonstrating various security topics