1008 Open source projects that are alternatives of or similar to Xssor2

Generate unicode evil domains for IDN Homograph Attack and detect them.

Universal IR Remote Control Solution

A PHP library to encode and decode arbitrary ASN.1 structures using ITU-T X.690 encoding rules.

xWAF 3.0 - Free Web Application Firewall, Open-Source.

A Rust crate that allows you to match, bind, and pack the individual bits of integers.

GoFingerprint is a Go tool for taking a list of target web servers and matching their HTTP responses against a user defined list of fingerprints.

THIS REPOSITORY HAS BEEN MOVED TO https://github.com/wpscanteam/wpscan USE THAT!!!

解析VIP资源，解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址

A fast http and https prober, to check which URLs are alive

gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒

Deep Texture Encoding Network

web scanner - exploitation - information gathering

A low-level, lightweight protocol buffers implementation in JavaScript.

Script collection to bypass Network Access Control (NAC, 802.1x)

Abusing Impersonation Privileges on Windows 10 and Server 2019

Market leading Android SDK with encoding, streaming & playback functionality

Pentest environment deployer (kali linux + targets) using vagrant and chef.

Go implementation of EDN (Extensible Data Notation)

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

SMB Relay Attack Script

windows-kernel-exploits Windows平台提权漏洞集合

Burp Bounty profiles compilation, feel free to contribute!

A big list of Android Hackerone disclosed reports and other resources.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

MLBox is a powerful Automated Machine Learning python library.

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

This challenge is Inon Shkedy's 31 days API Security Tips.

“玄魂工作室--安全圈” 知识星球内资源汇总

Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.

Your Google Recon is Now Automated

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Privilege Escalation Enumeration Script for Windows

Infection vector that bypasses AV, IDS, and IPS. (For now...)

Unsorted, raw, ugly & probably poorly usable tools for reversing, exploit and pentest

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Burp Suite extension to passively scan for applications revealing server error messages

💣 Impulse Denial-of-service ToolKit

Automatically spawn a reverse shell fully interactive for Linux or Windows victim

XssPayload List . Usage:

🐕 Fetch+ is a convenient Fetch API replacement with first-class middleware support.

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS

An open source batch script based WiFi Passview for Windows!

Find exploits in local and online databases instantly

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

Automating XSS using Bash

WeirdAAL (AWS Attack Library)

Arcadyan ARV7519RW22-A-L T VR9 1.2 Multiple security vulnerabilities affecting latest firmware release on ORANGE Livebox modems.

Automated NoSQL database enumeration and web application exploitation tool.

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python

this is the code release for ''Weakly Supervised PatchNets: Describing and Aggregating Local Patches for Scene Recognition''

Providing aid in converting video games.

The ultimate WinRM shell for hacking/pentesting

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions.

Discover hidden deepweb pages

A tool for bug hunting or pentesting for targeting websites that have open .git repositories available in public

Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised. Portia performs privilege escalation as well as lateral movement automatically in the network