xss-payload-list by payloadbox

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

updated at Nov. 17, 2024, 1:29 p.m.

136 +0

6,365 +21

1,689 +4

Photon by UltimateHackers

Incredibly fast crawler designed for OSINT.

updated at Nov. 17, 2024, 1:18 p.m.

325 +1

11,061 +26

1,521 +1

Sublist3r by aboul3la

Fast subdomains enumeration tool for penetration testers

updated at Nov. 17, 2024, 1 p.m.

231 +0

9,880 +18

2,104 -2

fuzz.txt by Bo0oM

Potentially dangerous files

updated at Nov. 17, 2024, 12:42 p.m.

86 +0

2,885 +2

488 +1

openrasp by baidu

🔥Open source RASP solution

updated at Nov. 17, 2024, 12:19 p.m.

109 +0

2,793 +2

601 -1

sql-injection-payload-list by payloadbox

🎯 SQL Injection Payload List

updated at Nov. 17, 2024, 12:11 p.m.

92 +0

4,995 +19

1,182 +3

wfuzz by xmendez

Web application fuzzer

updated at Nov. 17, 2024, 12:10 p.m.

167 +0

5,968 +13

1,385 +0

awesome-bug-bounty by djadmin

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

updated at Nov. 17, 2024, 11:42 a.m.

297 +0

4,662 +16

918 +0

tplmap by epinna

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

updated at Nov. 17, 2024, 11:37 a.m.

83 +1

3,794 +9

671 +1

command-injection-payload-list by payloadbox

🎯 Command Injection Payload List

updated at Nov. 17, 2024, 11:04 a.m.

73 +0

3,004 +16

641 +3

nuclei by projectdiscovery

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

updated at Nov. 17, 2024, 10:47 a.m.

239 -1

20,685 +89

2,513 +8

wpscan by wpscanteam

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com

updated at Nov. 17, 2024, 9:49 a.m.

268 +0

8,616 +14

1,266 -1

sqlmap by sqlmapproject

Automatic SQL injection and database takeover tool

updated at Nov. 17, 2024, 9:31 a.m.

1,092 +1

32,589 +78

5,725 +10

GSIL by FeeiCN

GitHub Sensitive Information Leakage（GitHub敏感信息泄露监控）

updated at Nov. 17, 2024, 9:04 a.m.

61 +0

2,124 -1

486 +0

CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

updated at Nov. 17, 2024, 8:48 a.m.

390 +0

29,267 +96

3,280 +13

weevely3 by epinna

Weaponized web shell

updated at Nov. 17, 2024, 8:43 a.m.

132 +1

3,200 +10

605 +2

commix by commixproject

Automated All-in-One OS Command Injection Exploitation Tool.

updated at Nov. 17, 2024, 8:43 a.m.

158 +0

4,611 +13

818 +2

nano by UltimateHackers

Nano is a family of PHP web shells which are code golfed for stealth.

updated at Nov. 17, 2024, 8:42 a.m.

32 +0

435 +1

93 +0

Some-PoC-oR-ExP by coffeehb

各种漏洞poc、Exp的收集或编写

updated at Nov. 17, 2024, 7:17 a.m.

154 +0

2,384 +2

972 +0

XSRFProbe by theInfectedDrake

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

updated at Nov. 17, 2024, 6:52 a.m.

37 +0

1,108 +1

207 -1