PortSwigger / javascript-security
A Burp Suite extension which performs checks for cross-domain scripting against the DOM, subresource integrity checks, and evaluates JavaScript resources against threat intelligence data.
☆9Updated 3 years ago
Alternatives and similar repositories for javascript-security:
Users that are interested in javascript-security are comparing it to the libraries listed below
- ☆10Updated 3 years ago
- ☆10Updated 2 years ago
- Burp Suite Pro extension☆10Updated 7 years ago
- Cervantes plataform docker repository☆13Updated last month
- Take domains on stdin and output them on stdout if they get resolved☆33Updated 2 years ago
- Jira Secret Hunter - Helps you find credentials and sensitive contents in Jira tickets☆43Updated 2 years ago
- Anti-Takeover is a sub domain monitoring tool for (blue/purple) team / internal security team which uses cloud flare. Currently Anti-Take…☆12Updated 4 years ago
- a shared short domain for XSS and other hacks☆32Updated 3 years ago
- Argument Injection in Dragonfly Ruby Gem☆16Updated 3 years ago
- Next Generation Phishing Tool For Internal / Red Teams☆35Updated 5 years ago
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆15Updated last year
- Fork of https://github.com/PortSwigger/param-miner for header smuggling research☆12Updated 3 years ago
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆29Updated last year
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Updated 3 years ago
- A compilation of network scanning strategies to find vulnerable devices☆73Updated 2 years ago
- A Burp Suite extension to add a custom header (e.g. JWT)☆19Updated 4 years ago
- A command-line application to generate random user agent strings.☆17Updated 5 years ago
- ☆21Updated 7 years ago
- Burp Suite extension to discover assets from HTTP response.☆16Updated 3 years ago
- AWS Security Checks☆39Updated 7 years ago
- Phishing sites configured to work with Netlify form handling☆12Updated 5 years ago
- Vulnerable code snippets repository showcasing different vulnerabilities to practice code analysis skills.☆22Updated last year
- Kubernetes Scanner☆40Updated 3 years ago
- Interactsh deployment to AWS EC2 Instance with Terraform☆12Updated 3 years ago
- A library to enhance and speed up script/exploit writing for CTF players☆40Updated 4 years ago
- A CLI tool and library allowing to simply decode all kind of BigIP cookies.☆38Updated 4 years ago
- A CLI tool and library allowing to simply decode all kind of BigIP cookies.☆11Updated 3 weeks ago
- A tool to abuse Exchange services☆10Updated last year
- Parse OpenAPI specifications, previously known as Swagger specifications, into the BurpSuite for automating RESTful API testing – approve…