Tools

  • Bounty Report Generator – I put this together to quickly generate vulnerability report emails, but you can generate them in h1, BBCode, and HTML formats as well.
  • CSRFGen – Creates HTML code for making CSRF/XSS proof of concepts. Great for dropping in a request really fast to get a quick XSS PoC file for reports.
  • XXEGen – Creates docx/xlsx files with an XXE payload that hits a listener on my server to notify you whether the upload was vulnerable to XXE.