ng-dompurifyInclusive Angular API for DOMPurify
Stars: ✭ 65 (-37.5%)
DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+7762.5%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (+24.04%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (+106.73%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+1233.65%)
Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+2416.35%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+131.73%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (+10.58%)
laravel-xss-filterFilter user input for XSS but don't touch other html
Stars: ✭ 38 (-63.46%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+9344.23%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (+83.65%)
Pythempentest framework
Stars: ✭ 1,060 (+919.23%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+1722.12%)
XsshellAn XSS reverse shell framework
Stars: ✭ 251 (+141.35%)
PhpvulnAudit tool to find common vulnerabilities in PHP source code
Stars: ✭ 146 (+40.38%)
flask-vulnPretty vulnerable flask app..
Stars: ✭ 23 (-77.88%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (+8.65%)
Veneno Stars: ✭ 230 (+121.15%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (+0.96%)
xss-http-injectorXSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.
Stars: ✭ 22 (-78.85%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (-8.65%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+103.85%)
Wordlist404Small but effective wordlist for brute-forcing and discovering hidden things.
Stars: ✭ 101 (-2.88%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+882.69%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (+75%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-64.42%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+1793.27%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-50%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+11675%)
SuperXSSMake XSS Great Again
Stars: ✭ 57 (-45.19%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+1952.88%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+28.85%)
security-cheat-sheetMinimalist cheat sheet for developpers to write secure code
Stars: ✭ 47 (-54.81%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (+14.42%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+2651.92%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (+10.58%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+182.69%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (+9.62%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+113.46%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (-0.96%)
sanitizer-polyfillrewrite constructor arguments, call DOMPurify, profit
Stars: ✭ 46 (-55.77%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+1211.54%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (+105.77%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (-16.35%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (-32.69%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+51.92%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-53.85%)
Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (+82.69%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+836.54%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-68.27%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+837.5%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+65.38%)
hackableA python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
Stars: ✭ 61 (-41.35%)
xssfinderToolset for detecting reflected xss in websites
Stars: ✭ 105 (+0.96%)