261 Open source projects that are alternatives of or similar to Imagejs

Workshop on Template Injection (6 exercises) covering Twig, Jinja2, Tornado, Velocity and Freemaker engines.

A big list of Android Hackerone disclosed reports and other resources.

XSS Cheatsheet - A collection of XSS attack vectors https://xss.devwerks.net/

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

Fully Featured hack Always Free As Feedom

Net packets capture & injection library designed for Android

A Silent (Hidden) Monero (XMR) Miner Builder

xss漏洞模糊测试payload的最佳集合 2020版

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

Powerfull XSS Scanning and Parameter analysis tool&gem

A recursive injection of partials based on their path name. Implementation of specific case of gulp-inject.

AOP framework for .NET (c#, vb, etc)

List of every possible vulnerabilities in computer security.

🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang

A lab for playing with NoSQL Injection

在Windows环境下的进程注入方法：远程线程注入、创建进程挂起注入、反射注入、APCInject、SetWindowHookEX注入

Vulnerable website scraper

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Linux applications proxifier

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras

Tools for loading file-based configuration files and mapping them with Guice's ``@Named`` and more

Quick SQLMap Tamper Suggester

PoC for inject zygote process by replacing system native bridge support

The popular NoScript Security Suite browser extension.

BugBounty Tool

proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC

XSS in pastebin.com and reddit.com via unsanitized markdown output

扫描器是来自GitHub平台的开源扫描器的集合，包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具，如：awvs、nmap，w3af将不包含在集合范围内。

Log4j jndi injection fuzz tool

Advanced dork Search & Mass Exploit Scanner

Realtek RTWIFI - RTL8XXXU mod

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Markdown to HTML using marked and DOMPurify. Safe by default.

Antivirus evasion project

对springSecurity进行二次开发，提供OAuth2授权(支持跨域名，多应用授权)、JWT、SSO、文件上传、权限系统无障碍接入、接口防刷、XSS、CSRF、SQL注入、三方登录(绑定，解绑)、加密通信等一系列安全场景的解决方案

Awesome XSS stuff

NodeJS Red-Team Cheat Sheet

A wiki focusing on aggregating and documenting various SQL injection methods

PoC memory injection detection agent based on ETW, for offensive and defensive research purposes

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

A simple Kotlin multi-platform abstraction around the javax.inject annotations.

Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.

Python AV Evasion Tools

A fast DOM based XSS vulnerability scanner with simplicity.

It's a nginx http module to sanitize HTML5 with whitelisted elements, whitelisted attributes and whitelisted CSS property

A list of resources for those interested in getting started in bug bounties

Lightweight dependency injector

An extension to Mono.Cecil that provides helper methods for simple method injection.

hack tools

Dependency Injection container (IoC) for TypeScript

Getting started with java code auditing 代码审计入门的小项目

HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values.

Perform advanced MiTM attacks on websites with ease 💉

Web Application Security Scanner Framework

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms

Koin - a pragmatic lightweight dependency injection framework for Kotlin

🐈Medusa是一个红队武器库平台，目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能，持续开发中 http://medusa.ascotbe.com

🎯 SQL Injection Payload List

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Top disclosed reports from HackerOne