JS-Tap JS-Tap is a generic JavaScript payload and supporting software to help red teamers attack webapps. The...
Web Exploitation
Hakuin Hakuin is a Blind SQL Injection (BSQLI) inference optimization and automation framework written in Python 3....
Session Hijacking Visual Exploitation Session Hijacking Visual Exploitation is a tool that allows for the hijacking of...
HTMLSmuggler HTMLSmuggler – JS payload generator for IDS bypass and payload delivery via HTML smuggling. The primary...
XSS Exploitation Tool It is a penetration testing tool that focuses on the exploitation of Cross-Site Scripting...
SQLiDetector Simple Python script supported with a BurpBounty profile that helps you to detect SQL injection “Error based”...
toxssin toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS)...
WebView2 Cookie Stealer The main advantage of using WebView2 for attackers is the rich functionality it provides...
EV: IDS Evasion via TCP/IP Packet Manipulation EV is a tool that allows you to craft TCP...
RedDrop Exfil Server RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers, Red Teamers,...
ICG-AutoExploiterBoT OsCommerce Exploits 💥 – OsCommerce 2.x Core RCE Drupal Exploits 💥 – Drupal Add admin – Drupal BruteForcer...
http2smugl This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved...
xsstools xsstools is an XSS development framework, with the goal of making payload writing easier. Exfiltrators A...
Smuggler An HTTP Request Smuggling / Desync testing tool written in Python 3. IMPORTANT This tool does...
LazyCSRF LazyCSRF is a more useful CSRF PoC generator that runs on Burp Suite. Motivation Burp Suite...