Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (-24.3%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (+252.19%)
EvilosxAn evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+627.49%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-14.74%)
DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+3157.77%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (-48.61%)
PythonadvancedhttpreverseshellAdvanced python HTTP reverse shell made for Hacking Competition purpose. I am not responsible of what you do with this tool.
Stars: ✭ 22 (-91.24%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (-27.49%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+229.88%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (-52.59%)
Medusa🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+217.13%)
Rshgenerate reverse shell from CLI for linux and Windows.
Stars: ✭ 233 (-7.17%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+2584.06%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (-54.98%)
Xss PayloadsList of advanced XSS payloads
Stars: ✭ 696 (+177.29%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (-54.18%)
Latte☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.
Stars: ✭ 616 (+145.42%)
BetterbackdoorA backdoor with a multitude of features.
Stars: ✭ 195 (-22.31%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+141.43%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (-58.17%)
XspearPowerfull XSS Scanning and Parameter analysis tool&gem
Stars: ✭ 583 (+132.27%)
Reverse Shell Manager🔨 A multiple reverse shell session/client manager via terminal
Stars: ✭ 171 (-31.87%)
Xray一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Stars: ✭ 6,218 (+2377.29%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+452.59%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (-3.98%)
0d1nTool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Stars: ✭ 506 (+101.59%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-61.35%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+2302.39%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (-33.47%)
TracyA tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Stars: ✭ 464 (+84.86%)
HershellMultiplatform reverse shell generator
Stars: ✭ 456 (+81.67%)
Webappsec Trusted TypesA browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Stars: ✭ 424 (+68.92%)
EggshelliOS/macOS/Linux Remote Administration Tool
Stars: ✭ 1,286 (+412.35%)
CovertutilsA framework for Backdoor development!
Stars: ✭ 424 (+68.92%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+654.98%)
Xss Listener🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+64.94%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-65.34%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (-11.55%)
ProtectProactively protect your Node.js web services
Stars: ✭ 394 (+56.97%)
XsserFrom XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
Stars: ✭ 381 (+51.79%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+942.63%)
Javadeserh2hcSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
Stars: ✭ 361 (+43.82%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (-72.11%)
Scaner扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (+42.23%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (-23.9%)
TinkerershellA simple python reverse shell written just for fun.
Stars: ✭ 62 (-75.3%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+1040.24%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (-14.34%)
RevshellgenReverse shell generator written in Python 3.
Stars: ✭ 190 (-24.3%)
StitchPython Remote Administration Tool (RAT)
Stars: ✭ 2,018 (+703.98%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+307.17%)