191 Open source projects that are alternatives of or similar to Veneno
Dompurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+3455.22%)
Medusa
🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Stars: ✭ 796 (+246.09%)
Minesweeper
A Burpsuite plugin (BApp) to aid in the detection of scripts being loaded from over 23000 malicious cryptocurrency mining domains (cryptojacking).
Stars: ✭ 162 (-29.57%)
Latte
☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.
Stars: ✭ 616 (+167.83%)
Xsscope
XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (-55.22%)
Xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (+163.48%)
Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (-7.83%)
Zebra form
A jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (-58.7%)
Lighthouse Security
Runs the default Google Lighthouse tests with additional security tests
Stars: ✭ 190 (-17.39%)
Prestashop Cve 2018 19126
PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4) Back Office Remote Code Execution (CVE-2018-19126)
Stars: ✭ 37 (-83.91%)
Githacker
🕷️ A Git source leak exploit tool that restores the entire Git repository, including data from stash, for white-box auditing and analysis of developers' mind
Stars: ✭ 524 (+127.83%)
Csp Builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
Stars: ✭ 496 (+115.65%)
Webappsec Trusted Types
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Stars: ✭ 424 (+84.35%)
Xss Listener
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Stars: ✭ 414 (+80%)
Bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+828.26%)
Domxssscanner
DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Stars: ✭ 181 (-21.3%)
Mobile Security Framework Mobsf
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Stars: ✭ 10,212 (+4340%)
Breach.tw
A service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-37.39%)
Scaner
扫描器是来自GitHub平台的开源扫描器的集合,包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具,如:awvs、nmap,w3af将不包含在集合范围内。
Stars: ✭ 357 (+55.22%)
Owasp Java Encoder
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Stars: ✭ 343 (+49.13%)
Bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Stars: ✭ 331 (+43.91%)
Jiff
JavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Stars: ✭ 131 (-43.04%)
Javaid
java source code static code analysis and danger function identify prog
Stars: ✭ 327 (+42.17%)
Ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+344.35%)
Angularjs Csti Scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (-6.96%)
Tiny Xss Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+323.91%)
61-120 of 191 similar projects