Sivnerof / Sources-And-Sinks-CheatsheetLinks
A cheatsheet for common JavaScript sources and sinks that lead to potential vulnerabilities.
☆43Updated 2 years ago
Alternatives and similar repositories for Sources-And-Sinks-Cheatsheet
Users that are interested in Sources-And-Sinks-Cheatsheet are comparing it to the libraries listed below
Sorting:
- ☆138Updated 3 years ago
- ☆156Updated 2 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆245Updated 3 years ago
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆257Updated 10 months ago
- De-clutter a list of URLs☆346Updated 9 months ago
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆273Updated 3 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆153Updated last week
- ☆127Updated 4 years ago
- ♥☆139Updated 11 months ago
- ☆43Updated 8 months ago
- ☆174Updated last week
- get all nuclei temp from emad shanab repo in one run☆36Updated 2 years ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆148Updated last year
- ☆98Updated 2 years ago
- Your AI javascript collaborator☆37Updated 3 months ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆201Updated last month
- 403Bypasser is a simple plugin that lets you bypass 403 status code by transforming HTTP requests with custom templates.☆86Updated 2 weeks ago
- Self-hosted bug bounty programs that are "scammy" or unethical☆142Updated 3 months ago
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆297Updated last year
- A subdomain fuzzing tool☆168Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆101Updated last year
- Remote CLI tools at your fingertips☆93Updated last year
- Legitimate bug bounty programs value ethical practices and provide clear rewards to researchers for identifying security flaws☆41Updated 11 months ago
- Automated tool for domains & subdomains gathering☆188Updated 2 years ago
- ☆198Updated last year
- Unofficial documentation for the great tool Param Miner☆182Updated 3 years ago
- ☆73Updated 11 months ago
- A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles☆224Updated 10 months ago
- Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.☆538Updated 5 months ago
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆282Updated last year