This is a useful Python script for extracting bug bounty or any other write-ups from every RSS.
Vulnerable app with examples showing how to not use secrets
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
The aim of this project is to protect Java applications against CSRF attacks with the use of Synchronizer Tokens
OWASP Foundation Threat Dragon Project Web Repository
A utility for detecting webpage inputs and conducting XSS scans.
Xalgorix - The Most Powerful Open-Source AI Pentesting Agent
A command-line utility designed to recursively spider webpages for URLs. It works by actively traversing websites - following links embedded…
Open-source attack surface management and authorized security automation platform for asset discovery, service probing, scan orchestration, …
xless …
Multi-threaded XMLRPC brute forcer using amplification attacks targeting WordPress installations prior to version 4.4.
.NetCore常用工具库(常用正则表达式、日期时间常用方法、XML快速遍历、动态扩展对象、图片验证码生成、阿里/腾讯短信发送、发送邮件、Json配置文件解析、加密解密、OSS文件上传等,持续继承中...)
一款长亭自研的完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Herramienta avanzada de escaneo XSS (Cross-Site Scripting) para auditorías de seguridad web, con capacidades de evasión de WAF y generación …
XSS Exploitation Tool (XET) is a penetration testing tool designed to exploit Cross-Site Scripting vulnerabilities.
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
This project aims to provide a comprehensive resource for understanding and testing Cross-Site Scripting (XSS) vulnerabilities, one of the O…
:star: Star us on GitHub — it motivates a lot! :star:
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS s…
修改 docker-compose.yml 里面的 environment 成想要的配置
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
Find XSS payloads that actually work by filtering them based on real-world constraints instead of blind payload spraying.