GitHub: https://github.com/nettitude/xss_payloads
We curate a set of fun and interesting Cross Site Scripting (XSS) payloads. They’re designed for quick and effective attacks when time is too short and using a framework is too big. Our payloads allow you to have fun with things such as:
- Obtaining NTLM hashes from your victim, ready to crack and use on perimeter services
- Scan internal networks as part of further enumeration
- Obtain credentials directly from your victim
- Grab sensitive content from your victim’s DOM
- …and much more!
Login XSS
Over time, these payloads will be further developed and expanded upon. Throw them in your testing kit for quick and dirty Cross Site Scripting wins.
