🔪Browser logic vulnerabilities
☆698Jan 23, 2021Updated 5 years ago
Alternatives and similar repositories for uxss-db
Users that are interested in uxss-db are comparing it to the libraries listed below
Sorting:
- A collection of JavaScript engine CVEs with PoCs☆2,316Sep 3, 2019Updated 6 years ago
- My Chrome and Safari exploit code + write-up repo☆532Nov 5, 2021Updated 4 years ago
- awesome list of browser exploitation tutorials☆2,267Sep 18, 2023Updated 2 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- DOM fuzzer☆1,769Nov 26, 2024Updated last year
- Browser's XSS Filter Bypass Cheat Sheet☆1,150May 6, 2017Updated 8 years ago
- A Javascript library for browser exploitation☆894Feb 12, 2019Updated 7 years ago
- A Collection of Chrome Sandbox Escape POCs/Exploits for learning☆860Jun 4, 2020Updated 5 years ago
- A JavaScript Engine Fuzzer☆2,152Updated this week
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- A tiny and cute URL fuzzer☆402Nov 10, 2022Updated 3 years ago
- poc or exp of android vulnerability☆407Dec 30, 2017Updated 8 years ago
- Java-Web-Security - Sichere Webanwendungen mit Java entwickeln☆220Feb 19, 2026Updated last week
- Code-Audit-Challenges☆990Nov 17, 2018Updated 7 years ago
- A collection of curated Java Deserialization Exploits☆591May 16, 2021Updated 4 years ago
- ✍️ A curated list of CVE PoCs.☆3,481Jan 4, 2022Updated 4 years ago
- The cheat sheet about Java Deserialization vulnerabilities☆3,167May 26, 2023Updated 2 years ago
- FileReader Exploit☆256Mar 20, 2019Updated 6 years ago
- The Harvest of V8 regress.☆137Jul 18, 2020Updated 5 years ago
- A collection of browser-based side channel attack vectors.☆759Mar 19, 2024Updated last year
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- Fuzzing Browsers☆316Dec 5, 2022Updated 3 years ago
- Analysis of public exploits or my 1day exploits☆617Oct 1, 2020Updated 5 years ago
- Vulnerability Labs for security analysis☆1,170Mar 10, 2021Updated 4 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,068Jul 31, 2024Updated last year
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.☆624Jun 13, 2020Updated 5 years ago
- Proof-of-concept codes created as part of security research done by Google Security Team.☆1,879Mar 12, 2021Updated 4 years ago
- OpenSource My ImageMagick Fuzzer ..☆298Jul 26, 2017Updated 8 years ago
- ☆463Oct 4, 2020Updated 5 years ago
- Server-Side Template Injection and Code Injection Detection and Exploitation Tool☆4,120Apr 21, 2024Updated last year
- Collection of CTF Web challenges I made☆2,821Aug 31, 2025Updated 6 months ago
- PHP Runtime Vulnerability Detection☆480May 25, 2019Updated 6 years ago
- 快速搭建各种漏洞环境(Various vulnerability environment)☆3,785Oct 27, 2020Updated 5 years ago
- ☆522Feb 22, 2020Updated 6 years ago
- A Java serializer in JavaScript☆80May 21, 2018Updated 7 years ago
- A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.☆518Jul 29, 2020Updated 5 years ago
- ☆385Jan 12, 2024Updated 2 years ago