Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
Projects in Awesome Lists tagged with xss
A curated list of projects in awesome lists tagged with xss .
https://github.com/hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 30 Sep 2024
https://github.com/Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
clickjacking csrf education hacker101 hackerone hacking mobile-security security session-fixation sql-injection unchecked-redirects vulnerability web-security xss
Last synced: 30 Jul 2024
https://github.com/cure53/dompurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
cross-site-scripting dom dompurify html javascript mathml prevent-xss-attacks sanitizer security svg xss
Last synced: 29 Sep 2024
https://github.com/cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
cross-site-scripting dom dompurify html javascript mathml prevent-xss-attacks sanitizer security svg xss
Last synced: 31 Jul 2024
https://github.com/s0md3v/XSStrike
Most advanced XSS scanner.
waf-detection xss xss-bruteforce xss-detection xss-exploit xss-python xss-scanner xsstrike
Last synced: 31 Jul 2024
https://github.com/s0md3v/xsstrike
Most advanced XSS scanner.
waf-detection xss xss-bruteforce xss-detection xss-exploit xss-python xss-scanner xsstrike
Last synced: 30 Sep 2024
https://github.com/nahamsec/resources-for-beginner-bug-bounty-hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 30 Sep 2024
https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
bug-bounty bug-bounty-hunters bugbounty education hackers hacking learn2hack pentest ssrf web-security xss
Last synced: 31 Jul 2024
https://github.com/chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss
Last synced: 01 Oct 2024
https://github.com/chaitin/safeline
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hacker attacks.
acl captcha cc docker firewall http-flood modsecurity nginx security security-tools sql-injection waf web-application-firewall web-security xss
Last synced: 27 Sep 2024
https://github.com/chaitin/SafeLine
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hacker attacks.
acl captcha cc docker firewall http-flood modsecurity nginx security security-tools sql-injection waf web-application-firewall web-security xss
Last synced: 31 Jul 2024
https://github.com/payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
bugbounty cross-site-scripting dom-based payload payloads reflected-xss-vulnerabilities self-xss websecurity website-vulnerability xss xss-attacks xss-detection xss-exploitation xss-injection xss-payload xss-payloads xss-poc xss-scanner xss-scanners xss-vulnerability
Last synced: 30 Sep 2024
https://github.com/dromara/lamp-cloud
lamp-cloud 基于jdk21、jdk17、jdk11、jdk8 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
admin cloud eureka gateway hystrix java jwt mybatis nacos seata spring spring-cloud springboot springcloud xss zuul
Last synced: 27 Sep 2024
https://github.com/zuihou/lamp-cloud
lamp-cloud 基于Jdk11 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
admin cloud eureka gateway hystrix java jwt mybatis nacos seata spring spring-cloud springboot springcloud xss zuul
Last synced: 12 Aug 2024
https://github.com/arachni/arachni
Web Application Security Scanner Framework
analysis arachni audit crawler detection dom hack hacking javascript modular penetration-testing ruby scanner scanners security-audit sql-injection vulnerability-detection web-application xss
Last synced: 26 Sep 2024
https://github.com/Arachni/arachni
Web Application Security Scanner Framework
analysis arachni audit crawler detection dom hack hacking javascript modular penetration-testing ruby scanner scanners security-audit sql-injection vulnerability-detection web-application xss
Last synced: 01 Aug 2024
https://github.com/hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bugbounty bugbounty-tool cicd-pipeline devsecops golang hacktoberfest security vulnerability xss xss-bruteforce xss-detection xss-exploit xss-scanner
Last synced: 30 Sep 2024
https://github.com/foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
appsec cybersecurity hacking passwords payload payloads pentest sqli web-attack-payloads xss
Last synced: 30 Sep 2024
https://github.com/microcosm-cc/bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
allowlist go golang html owasp sanitization security xss
Last synced: 29 Sep 2024
https://github.com/evilcos/xssor2
XSS'OR - Hack with JavaScript.
csrf encoding hack hacking-tool pentest pentest-tool probe xss
Last synced: 30 Sep 2024
https://github.com/ascotbe/medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
cobaltstrike cve dnslog email exp mail medusa metasploit-framework payload poc readteam virus xss
Last synced: 30 Sep 2024
https://github.com/Ascotbe/Medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
cobaltstrike cve dnslog email exp mail medusa metasploit-framework payload poc readteam virus xss
Last synced: 31 Jul 2024
https://github.com/0xsobky/hackvault
A container repository for my public web hacks!
exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss
Last synced: 30 Sep 2024
https://github.com/terjanq/tiny-xss-payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
bugbounty ctf html javascript payloads xss
Last synced: 30 Sep 2024
https://github.com/ssl/ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
alert blind blind-xss bug bugbounty easy easy-to-use payload penetration-testing php redteam redteaming test xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 30 Sep 2024
https://github.com/0xSobky/HackVault
A container repository for my public web hacks!
exploit fuzzing payloads pentesting reconnaissance regex tracking web-security xss
Last synced: 30 Jul 2024
https://github.com/terjanq/Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
bugbounty ctf html javascript payloads xss
Last synced: 01 Aug 2024
https://github.com/ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
alert blind blind-xss bug bugbounty easy easy-to-use payload penetration-testing php redteam redteaming test xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 01 Aug 2024
https://github.com/1n3/blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 30 Sep 2024
https://github.com/1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss
Last synced: 01 Aug 2024
https://github.com/v3n0m-scanner/v3n0m-scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
aiohttp asyncio blackarch cloudflare d0rk dns exploit ftp hacking lfi metasploit pentesting python3 scanner sqli toxin trawling vulnerability vulnerability-scanners xss
Last synced: 30 Sep 2024
https://github.com/v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
aiohttp asyncio blackarch cloudflare d0rk dns exploit ftp hacking lfi metasploit pentesting python3 scanner sqli toxin trawling vulnerability vulnerability-scanners xss
Last synced: 01 Aug 2024
https://github.com/b3nac/android-reports-and-resources
A big list of Android Hackerone disclosed reports and other resources.
android android-repo android-resource android-security bugbounty bypass hackerone infosec insecure-data-storage intercept-broadcasts steal-files webview xss
Last synced: 30 Sep 2024
https://github.com/alisamtechnology/atscan
Advanced dork Search & Mass Exploit Scanner
data dork engine exploitation lfi linux mass-exploitation-scanner ports portscan rfi scanner security server shell sqli system tools vulnerability-scanners web-application xss
Last synced: 30 Sep 2024
https://github.com/AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
data dork engine exploitation lfi linux mass-exploitation-scanner ports portscan rfi scanner security server shell sqli system tools vulnerability-scanners web-application xss
Last synced: 31 Jul 2024
https://github.com/t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
cross-site-scripting exploitation hacking javascript penetration-testing pentesting-tools python web-penetration-testing xss xss-exploitation xss-vulnerability
Last synced: 30 Sep 2024
https://github.com/m4n3dw0lf/pythem
pentest framework
brute-force denial-of-service docker exploit fuzzer hacking man-in-the-middle network packet-analyser packet-generator packet-parsing packet-processing pentest phishing proxy scanner security-audit sniffer spoof xss
Last synced: 30 Sep 2024
https://github.com/hahwul/xspear
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss
Last synced: 28 Sep 2024
https://github.com/epsylon/xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
exploiting pentesting toolkit xss xsser
Last synced: 25 Sep 2024
https://github.com/hahwul/XSpear
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
bugbounty bugbountytips gem hacking library pentest ruby scanner scanning-xss selenium tool webhacking xss
Last synced: 01 Aug 2024
https://github.com/masatokinugawa/filterbypass
Browser's XSS Filter Bypass Cheat Sheet
cheatsheet pentest security xss
Last synced: 30 Sep 2024
https://github.com/nemesida-waf/waf-bypass
Check your WAF before an attacker does
api-security-testing bypass graphql-injection lfi nosql-injection path-traversal python python3 rce rfi sqli-injection ssti waf waf-bypass-tool waf-testing xss
Last synced: 30 Sep 2024
https://github.com/nette/latte
☕ Latte: the safest & truly intuitive templates for PHP. Engine for those who want the most secure PHP sites.
content-aware html latte nette nette-framework php safety security security-hole template-engine xss
Last synced: 27 Sep 2024
https://github.com/pgaijin66/xss-payloads
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
Last synced: 03 Aug 2024
https://github.com/jklmnn/imagejs
Small tool to package javascript into a valid image file.
Last synced: 31 Jul 2024
https://github.com/baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 27 Sep 2024
https://github.com/Baroshem/nuxt-security
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
basic-authentication cors csrf headers-security module nonce nuxt owasp rate-limiting security vue xss
Last synced: 03 Aug 2024
https://github.com/dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
bugbounty bugbountytips findom-xss pentest pentesting xss xss-scanner
Last synced: 01 Aug 2024
https://github.com/TheKingOfDuck/easyXssPayload
XssPayload List . Usage:
xss xss-injection xss-poc xss-vulnerability xsspayload
Last synced: 30 Jul 2024
https://github.com/thekingofduck/easyxsspayload
XssPayload List . Usage:
xss xss-injection xss-poc xss-vulnerability xsspayload
Last synced: 01 Aug 2024
https://github.com/wuba/Antenna
Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式,将不同漏洞场景检测能力通过插件的形式进行集合,通过与目标进行out-bind的数据通信方式进行辅助检测。
antenna cybersecurity django dns-rebinding dnslog ftp http jndi jsonp ldap mysql oast python rmi vulnerability-scanners xss
Last synced: 04 Aug 2024
https://github.com/knassar702/scant3r
ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
bug-bounty bugbounty infosec module-pattern penetration-testing pentesting security-tools web-scanners xss
Last synced: 04 Aug 2024
https://github.com/metnew/uxss-db
🔪Browser logic vulnerabilities :skull_and_crossbones:
browser cve javascript security vulnerability xss
Last synced: 01 Aug 2024
https://github.com/voku/anti-xss
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
composer hacktoberfest html-character php xss xss-attacks
Last synced: 29 Sep 2024
https://github.com/samdenty/injectify
Perform advanced MiTM attacks on websites with ease 💉
console-replication github-oauth mitm modular mongodb nodejs reactjs redux typescript webpack xss
Last synced: 01 Aug 2024
https://github.com/YagamiiLight/Cerberus
一款功能强大的漏洞扫描器,子域名爆破使用aioDNS,asyncio异步快速扫描,覆盖目标全方位资产进行批量漏洞扫描,中间件信息收集,自动收集ip代理,探测Waf信息时自动使用来保护本机真实Ip,在本机Ip被Waf杀死后,自动切换代理Ip进行扫描,Waf信息收集(国内外100+款waf信息)包括安全狗,云锁,阿里云,云盾,腾讯云等,提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等),支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
bypass hacking-tool middleware penetration-testing proxy python security-tools sql-injection ssrf waf websecurity xss
Last synced: 04 Aug 2024
https://github.com/security-prince/Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
application-security appsec devsecops infosec interview-questions sdlc security-engineer-interview security-engineering security-team vulnerability webappsec websec websecurity websecurity-reference xss
Last synced: 01 Aug 2024
https://github.com/hannoch/scaner
扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
collection-tool domain-scanning fingerprint-scanning hacktools port-scan xss xss-scanner
Last synced: 03 Aug 2024
https://github.com/w3c/trusted-types
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
dom javascript polyfill security trusted-types w3c xss
Last synced: 29 Sep 2024
https://github.com/nccgroup/tracy
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
browser-extension chrome chrome-extension firefox firefox-addon security security-tools xss xss-detection
Last synced: 01 Aug 2024
https://github.com/paragonie/csp-builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
content-security-policy cross-site-scripting csp csp-builder csp-header easy-to-use http http-header json-configuration php secure-by-default security xss
Last synced: 01 Aug 2024
https://github.com/capture0x/XSS-LOADER
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
bypass-filter dork-finder hacking payload-generator payloads xss xss-attacks xss-bypass xss-detection xss-finder xss-injection xss-payloads xss-scanner
Last synced: 02 Aug 2024
https://github.com/ajinabraham/owasp-xenotix-xss-exploit-framework
OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
dom-xss exploitation-framework xenotix xss xss-detection xss-exploitation xss-scanner
Last synced: 03 Oct 2024
https://github.com/KathanP19/Gxss
A tool to check a bunch of URLs that contain reflecting params.
bugbounty bugbounty-tool golang xss xss-detection
Last synced: 04 Aug 2024
https://github.com/LewisArdern/bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 01 Aug 2024
https://github.com/chushuai/wscan
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
cel-go chromedp crawler headless martian passive-vulnerability-scanner poc sql-injection subdomains testwaf vulnerability-scanner waf webscan wscan xss
Last synced: 04 Aug 2024
https://github.com/ericnorris/striptags
An implementation of PHP's strip_tags in Typescript.
html node strip-tags striptags xss
Last synced: 01 Aug 2024
https://github.com/whitel1st/docem
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
bugbounty oxml xss xss-injection xxe xxe-injection
Last synced: 01 Aug 2024
https://github.com/lewisardern/bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 01 Aug 2024
https://github.com/kleiton0x00/ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
bug-bounty bugbounty bugbounty-tool cybersecurity infosec prototype-pollution xss xss-detection xss-exploitation xss-vulnerability
Last synced: 03 Aug 2024
https://github.com/owasp/owasp-java-encoder
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Last synced: 01 Aug 2024
https://github.com/chennqqi/godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
dnslog rce rfi ssrf vulnerability webscan xss xxe
Last synced: 04 Aug 2024
https://github.com/cagataycali/xss-listener
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
security-hardening security-tools xss xss-attacks xss-harvest xss-harvester
Last synced: 01 Aug 2024
https://github.com/dongfangyuxiao/BurpExtend
基于Burp插件开发打造渗透测试自动化
burpsuite-extender passive-vulnerability-scanner poc security security-tools sqlinjection vulnerability-scanner xss
Last synced: 04 Aug 2024
https://github.com/varbaek/xsser
From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras
xss xss-attacks xss-exploitation xss-injection xss-poc
Last synced: 01 Aug 2024
https://github.com/kkomelin/isomorphic-dompurify
Use DOMPurify on server and client in the same way
dompurify html-escape isomorphic sanitize sanitize-html sanitizer security ssr universal wrapper xss xss-filter
Last synced: 26 Sep 2024
https://github.com/RisingStack/protect
Proactively protect your Node.js web services
express nodejs security sql-injection xss
Last synced: 01 Aug 2024
https://github.com/YalcinYolalan/WSSAT
WEB SERVICE SECURITY ASSESSMENT TOOL
dynamic-testing information-disclosure rest-api-scanner rest-api-test scanner security-tools soap-web-services sqlinjection static-analysis vulnerabilities web-service web-service-scanner web-service-test xml-bomb xss xxe-injection
Last synced: 30 Jul 2024
https://github.com/xsscx/Commodity-Injection-Signatures
Commodity Injection Signatures, Malicious Inputs, XSS, HTTP Header Injection, XXE, RCE, Javascript, XSLT
burp burpsuite exploit fuzzing header html http injection injection-signatures input javascript malicious poc random rce xss
Last synced: 04 Aug 2024
https://github.com/yalcinyolalan/wssat
WEB SERVICE SECURITY ASSESSMENT TOOL
dynamic-testing information-disclosure rest-api-scanner rest-api-test scanner security-tools soap-web-services sqlinjection static-analysis vulnerabilities web-service web-service-scanner web-service-test xml-bomb xss xxe-injection
Last synced: 01 Aug 2024
https://github.com/den1al/jsshell
An interactive multi-user web JS shell
exploit interactive javascript python python-3-6 shell web xss
Last synced: 01 Oct 2024
https://github.com/Den1al/JSShell
An interactive multi-user web JS shell
exploit interactive javascript python python-3-6 shell web xss
Last synced: 01 Aug 2024
https://github.com/theinfosecguy/quickxss
Automating XSS using Bash
bash-script bugbounty hacktoberfest hacktoberfest2021 xss xss-detection xss-vulnerability
Last synced: 26 Sep 2024
https://github.com/theinfosecguy/QuickXSS
Automating XSS using Bash
bash-script bugbounty hacktoberfest hacktoberfest2021 xss xss-detection xss-vulnerability
Last synced: 04 Aug 2024
https://github.com/TeraSecTeam/ary
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
automation penetration-testing pentest poc sqlinjection vulnerability vulnerability-scanners xss
Last synced: 04 Aug 2024
https://github.com/dzonerzy/goWAPT
Go Web Application Penetration Test
fuzzer hack injection scan-fuzzing sql tool vulnerability wapt wfuzz wordlist xss
Last synced: 04 Aug 2024
https://github.com/mazen160/xless
The Serverless Blind XSS App
blind-xss browser-exploitation exfiltration out-of-band serverless xss
Last synced: 03 Aug 2024
https://github.com/d4rckh/vaf
Vaf is a cross-platform very advanced and fast web fuzzer written in nim
bruteforce bug-bounty bugbounty burpsuite fuzzer fuzzing hacking hacking-tools nim penetration-testing pentest-tool recon security-tools vaf web xss
Last synced: 01 Aug 2024
https://github.com/tijme/angularjs-csti-scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.
angularjs angularjs-csti-scanner angularjs-sandbox-escape exploit sandbox-escape security tool vulnerability-scanners xss xss-scanners
Last synced: 27 Sep 2024
https://github.com/dotboris/vuejs-serverside-template-xss
Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability
security vue vue2 vuejs vuejs2 xss xss-vulnerability
Last synced: 01 Aug 2024