xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-96.37%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+45.71%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-81.19%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+39.77%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+125.08%)
xssmapIntelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Stars: ✭ 107 (-82.34%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (-77.89%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-97.69%)
Findom XssA fast DOM based XSS vulnerability scanner with simplicity.
Stars: ✭ 310 (-48.84%)
GobusterDirectory/File, DNS and VHost busting tool written in Go
Stars: ✭ 5,356 (+783.83%)
YasuoA ruby script that scans for vulnerable & exploitable 3rd-party web applications on a network
Stars: ✭ 517 (-14.69%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-23.6%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-21.78%)
Bpmn JsA BPMN 2.0 rendering toolkit and web modeler.
Stars: ✭ 5,592 (+822.77%)
Sn1perAttack Surface Management Platform | Sn1perSecurity LLC
Stars: ✭ 4,897 (+708.09%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-7.76%)
Security ToolsCollection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-16.01%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (-25.91%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (-25.74%)
Uxss Db🔪Browser logic vulnerabilities ☠️
Stars: ✭ 565 (-6.77%)
Ramda AdjunctRamda Adjunct is the most popular and most comprehensive set of functional utilities for use with Ramda, providing a variety of useful, well tested functions with excellent documentation.
Stars: ✭ 550 (-9.24%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (-16.5%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (-26.9%)
BruteCredential stuffing engine built for security professionals
Stars: ✭ 435 (-28.22%)
CrackmapexecA swiss army knife for pentesting networks
Stars: ✭ 5,445 (+798.51%)
GoohakAutomatically Launch Google Hacking Queries Against A Target Domain
Stars: ✭ 432 (-28.71%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+934.65%)
DearpyguiDear PyGui: A fast and powerful Graphical User Interface Toolkit for Python with minimal dependencies
Stars: ✭ 6,631 (+994.22%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-8.25%)
ProjectvisbugFireBug for designers › Edit any webpage, in any state https://a.nerdy.dev/gimme-visbug
Stars: ✭ 4,694 (+674.59%)
NetcatNetCat for Windows
Stars: ✭ 463 (-23.6%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (-3.8%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (-23.43%)
Bugcrowd Levelup Subdomain EnumerationThis repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtual conference
Stars: ✭ 513 (-15.35%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-9.08%)
NullinuxInternal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
Stars: ✭ 451 (-25.58%)
FfufFast web fuzzer written in Go
Stars: ✭ 5,687 (+838.45%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-16.83%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-28.22%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (-9.9%)
NiguiCross-platform desktop GUI toolkit written in Nim
Stars: ✭ 430 (-29.04%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (-17.49%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-29.54%)
Webappsec Trusted TypesA browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Stars: ✭ 424 (-30.03%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+926.07%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-10.73%)
Imgui GoGo wrapper library for "Dear ImGui" (https://github.com/ocornut/imgui)
Stars: ✭ 499 (-17.66%)
MetabigorIntelligence tool but without API key
Stars: ✭ 424 (-30.03%)
Owasp Xenotix Xss Exploit FrameworkOWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Stars: ✭ 424 (-30.03%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (-17.66%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (-30.03%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-30.2%)