xss-payload-list | CraftCMS
---|---
6 | 45
5,661 | 3,166
3.1% | 0.4%
0.0 | 10.0
5 months ago | about 14 hours ago
PHP |
MIT License | GNU General Public License v3.0 or later
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
xss-payload-list
- XSS example
  Like an example XSS payload? Go nuts: https://github.com/payloadbox/xss-payload-list
- Go with PHP
  Otherwise, only vague and unsubstantiated claims, which does not help PHP nor any other programming language or framework.
  https://github.com/payloadbox/xss-payload-list
- SC
- A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters
- Cross Site Scripting (XSS) Vulnerability Payload List
- Password protected website (no username) - best way in?
  Tried it now, with the https://github.com/payloadbox/xss-payload-list/tree/master/Intruder list.
CraftCMS
- Different flavors of content management
  The most typical approach is having a CMS admin panel sit somewhere on the server; everyone with an account uses this. This is a very convenient approach, especially when working with a team. This way, many people can work on different articles simultaneously without worrying about potential conflicts or overwriting stuff. The only con is related to security - everyone can try to get inside, and if you forget to update our CMS or some user has a weak password, it can be someone outside of our team. WordPress, Drupal, CraftCMS, or Ghost are perfect examples of such CMSs.
- Show HN: Primo – a visual CMS with Svelte blocks, a code editor, and SSG
- Is Htmx Gaining in Popularity?
  I checked one website in that list, it uses CraftCMS, which apparently has htmx bundled. (https://github.com/craftcms/cms/tree/main/src/web/assets/htm...)
  Would be interesting to know which other CMS'es make use of htmx (and to what degree).
- Site without WordPress
- Go with PHP
  PHP has a lot of top tier CMSes. IMHO a bunch of them are even better than Statamic. Craft CMS (https://craftcms.com/) is a lot more mature database-based CMS. Kirby (https://getkirby.com/) is better at flat-file and has a lot better admin interface. Twill (https://twillcms.com/) is better integrated in Laravel and is fully open-source. Statamic mostly feels like it's sitting beside Laravel and they call themselves Laravel based for marketing.
- Stack to build and deploy a fully functional personal blog?
  You're basically looking for any CMS that supports headless mode. E.g. Strapi (https://strapi.io/, NodeJS based), CraftCMS (https://craftcms.com/, PHP based) or countless others.
- SvelteKit + MongoDB
  Craft CMS
- 09
- A mate of mine built a cool little Tottenham Database showing the history of spurs.
  It's built on Craft CMS. Makes the relationships between elements (a match and a player, for example) super easy.
- Creating a CMS with React, what should I look at?
  Is there a reason you aren’t using an existing CMS? There’s a lot that provide all the UI functionality you are talking about and then expose it via an API to be consumed in your front end. https://craftcms.com is one option I’ve had good success with.
What are some alternatives?
ssti-payloads - 🎯 Server Side Template Injection Payloads
Wagtail - A Django content management system focused on flexibility and user experience
XSStrike - Most advanced XSS scanner.
Statamic - The official Statamic Static Site Generator
sql-injection-payload-list - 🎯 SQL Injection Payload List
Pico - Pico is a stupidly simple, blazing fast, flat file CMS.
OWASP-Xenotix-XSS-Exploit-Framework - OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
Backdrop CMS - Backdrop is a full-featured content management system that allows non-technical users to manage a wide variety of content. It can be used to create all kinds of websites including blogs, image galleries, social networks, intranets, and more.
plugin-cloud-storage - The official cloud storage plugin for Payload
Kirby - Kirby's core application folder
ppmap - A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
Grav - Modern, Crazy Fast, Ridiculously Easy and Amazingly Powerful Flat-File CMS powered by PHP, Markdown, Twig, and Symfony