It is a very simple XSS simulator based on flask, python.

Last update: May 10, 2022

Overview

Xss-Simulator

It is a very simple XSS simulator based on Flask, Python.

This is a repository that explains XSS attack. We will run a local web program to learn XSS by experencing and attempting.

Introducing XSS

XSS stands for cross-site scripting. The terminology cross-site scripting was originally abbreviated as CSS, but the word cascading style sheets is also called CSS, so people changed the abbreviation of cross-site scripting to XSS.

Requirements

markdown
flask

see requirements.txt

How to Run

1. Download code

2. Run code

python xss.py

3. Open the webpage in browser

4. Input / Inject

5. Click the button to see result

This is just an example, actually you can do something more interesting!

Owner

Satin Wuker

GitHub Repository

Archive-Crack - A Tools for crack file archive

Install In TERMUX apt update && apt upgrade -y pkg install python git unrar

10 Oct 06, 2022

About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

7 Dec 07, 2022

Obfuscate your Python scripts better, faster.

⚜️ Berserker ⚜️ An unique Python3 obfuscator using Kyrie Eleison's encryption protocol, written in Python3. 📋 Examples 📋 Unobfuscated: input("Hello

81 Dec 07, 2022

md5 hash cracking with python.

Python-Md5-Cracker- md5 hash cracking with python. Original files added First create a file called word.txt then run the wordCreate.py script The task

0 Aug 31, 2022

BurpSuite Extension: Log4j RCE Scanner

1 Dec 16, 2021

一款Web在线自动免杀工具

一款利用加载器以及Python反序列化绕过AV的在线免杀工具因为打包方式的局限性，不能跨平台，若要生成exe格式的只能在Windows下运行本项目打包速度有点慢，提交后稍等一会开发环境及运行前端使用Bootstrap框架，后端使用Django框架。

172 Nov 28, 2022

Attack SQL Server through gopher protocol

17 Nov 30, 2022

Dapunta Multi Brute Force Facebook - Crack Facebook With Login - Free

✭ DMBF CRACK Dibuat Dengan ❤️ Oleh Dapunta Author: - Dapunta Khurayra X ⇨ Fitur Login [✯] Login Token ⇨ Fitur Crack [✯] Crack Dari Teman, Public,

10 Oct 19, 2022

Password-Manager GUI

PASSWORD-MANAGER This repo contains all the project files. Project Description A Tkinter GUI that allows you to store website info like website name,

1 Dec 08, 2021

An auxiliary tool for iot vulnerability hunter

firmeye - IoT固件漏洞挖掘工具 firmeye 是一个 IDA 插件，基于敏感函数参数回溯来辅助漏洞挖掘。我们知道，在固件漏洞挖掘中，从敏感/危险函数出发，寻找其参数来源，是一种很有效的漏洞挖掘方法，但程序中调用敏感函数的地方非常多，人工分析耗时费力，通过该插件，可以帮助排除大部分的安全

171 Nov 28, 2022

A kAFL based hypervisor fuzzer which fully supports nested VMs

hAFL2 hAFL2 is a kAFL-based hypervisor fuzzer. It is the first open-source fuzzer which is able to target hypervisors natively (including Hyper-V), as

115 Dec 07, 2022

NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

8 Sep 03, 2022

Port scanner tool with easy installation

ort scanner tool with easy installation! Python programming language is used and The text in the program is Georgian 3

2 Mar 24, 2022

CVE-2021-21972

CVE-2021-21972 % python3 /tmp/CVE_2021_21972.py -i /tmp/urls.txt -n 8 -e [*] Creating tmp.tar containing ../../../../../home/vsphere-ui/.ssh/authoriz

30 Nov 19, 2022

ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

45 Dec 28, 2022

A proxy for asyncio.AbstractEventLoop for testing purposes

aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme

12 Dec 12, 2022

Python Password Generator

This is a console-based version of a password generator written with Python. The program generates a password based on numbers of letters, numbers, and symbols specified by the user. This is a simple

1 Jan 24, 2022

MS-FSRVP coercion abuse PoC

ShadowCoerce MS-FSRVP coercion abuse PoC Credits: Gilles LIONEL (a.k.a. Topotam)

219 Dec 28, 2022

Xteam All in one Instagram,Android,phishing osint and wifi hacking tool available

283 Dec 29, 2022

TightVNC Vulnerability.

CVE-2022-23967 In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbprot

15 Jul 11, 2022