439 Open source projects that are alternatives of or similar to XSS-Payload-without-Anything

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

Powerfull XSS Scanning and Parameter analysis tool&gem

All about bug bounty (bypasses, payloads, and etc)

🎯 RFI/LFI Payload List

A list of interesting payloads, tips and tricks for bug bounty hunters.

XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/

Payload Arsenal for Pentration Tester and Bug Bounty Hunters

🎯 XML External Entity (XXE) Injection Payload List

A fast DOM based XSS vulnerability scanner with simplicity.

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Multithreaded Plugin based vulnerability scanner for mass detection of web-based applications vulnerabilities

XSS in pastebin.com and reddit.com via unsanitized markdown output

Hacking tools

Cross-site scripting labs for web application security enthusiasts

🎯 SQL Injection Payload List

🎯 Server Side Template Injection Payloads

Toolset for detecting reflected xss in websites

No description or website provided.

A big list of Android Hackerone disclosed reports and other resources.

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

A tool to check a bunch of URLs that contain reflecting params.

Automating XSS using Bash

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

A container repository for my public web hacks!

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Top disclosed reports from HackerOne

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

Git All the Payloads! A collection of web attack payloads.

Messy BurpSuite plugin for SQL Truncation vulnerabilities.

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks

goverview - Get an overview of the list of URLs

Find host header injections and perform Host Header attacks with other kind of bugs like web cache poissoning

Script that automates the installation of the main tools used for web application penetration testing and Bug Bounty.

Fast and customizable vulnerability scanner For JIRA written in Python

Http request smuggling vulnerability scanner

Minimalist cheat sheet for developpers to write secure code

Send notifications on different channels such as Slack, Telegram, Discord etc.

Signatures for jaeles scanner by @j3ssie

Scan secrets from Continuous Integration Build Logs

Intentionally vulnerable Android application.

A curated list of awesome blogs and tools about HTTP request smuggling attacks. Feel free to contribute! 🍻

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

An Extended, Modulair, Host Discovery Framework

Turn your VPS into an attack box

Little Bug Bounty & Hacking Tools⚔️

Unleash the power of cloud

In progress rough solutions to bWAPP / bee-box

I built some bash functions to help me while doing mundane and repetitive tasks using BBRF, Nuclei or other Bug bounty tool.

Mass querying whois records

Related subdomains finder