csv-injection-payloads
xss-payload-list
csv-injection-payloads | xss-payload-list | |
---|---|---|
2 | 6 | |
169 | 5,661 | |
1.8% | 3.1% | |
2.1 | 0.0 | |
11 months ago | 5 months ago | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
csv-injection-payloads
- Does anyone know any good tools or practices to test for virus and/or malware in csv files that will be stored into our internal storage?
-
Microsoft's Small Step to Disable Macros Is a Win for Security
Further reading:
- https://owasp.org/www-community/attacks/CSV_Injection
- https://github.com/payloadbox/csv-injection-payloads
xss-payload-list
-
XSS example
Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list
-
Go with PHP
Otherwise, only vague and unsubstantiated claims, which does not help PHP nor any other programming language or framework.
[] https://github.com/payloadbox/xss-payload-list
- SC
- A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
- Cross Site Scripting ( XSS ) Vulnerability Payload List
-
Password protected website (no username) - best way in?
Tried it now, with the https://github.com/payloadbox/xss-payload-list/tree/master/Intruder list.
What are some alternatives?
open_safety - An application to assist with securing script execution
ssti-payloads - 🎯 Server Side Template Injection Payloads
Windows-Sandbox-Utilities - A public repository for useful developments surrounding Windows Sandbox
XSStrike - Most advanced XSS scanner.
gvisor - Application Kernel for Containers
sql-injection-payload-list - 🎯 SQL Injection Payload List
OWASP-Xenotix-XSS-Exploit-Framework - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
plugin-cloud-storage - The official cloud storage plugin for Payload
ppmap - A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
fuzzdb - Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
big-list-of-naughty-strings - The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.