"Repeater" style XSS post-exploitation tool for mass browser control. Primarily a PoC to show why HttpOnly flag isn't a complete protection against session hijacking via XSS
Updated Mar 4, 2017 - HTML
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A passive online scanner from OWTF
🐱💻 👍 Google Chrome - File System Access API - vulnerabilities reported by Maciej Pulikowski | Total Bug Bounty Reward: $5.000 | CVE-2021-21123 and 5 more...
A React APP to verify CORS Permissive Policy.
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337
Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework
Everything for pentest. | Payload and bypass dictionaries for penetration testing.
Report from Juice Shop Security Testing and notes from OTWA training
Google Cloud Quick Check - Inventory and Vulnerability Identifier
Theodore Cooper's official site. About programming, pentest, hacking, development and tutorials.
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Just H4 and L0 publishing write ups of hacking CTFs and challenges
A website to crash all browsers!