Sivnerof / Sources-And-Sinks-CheatsheetLinks
A cheatsheet for common JavaScript sources and sinks that lead to potential vulnerabilities.
☆46Updated 2 years ago
Alternatives and similar repositories for Sources-And-Sinks-Cheatsheet
Users that are interested in Sources-And-Sinks-Cheatsheet are comparing it to the libraries listed below
Sorting:
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆283Updated 11 months ago
- ☆141Updated 3 years ago
- ☆127Updated 4 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆156Updated last month
- This is a python wrapper around the amazing KNOXSS API by Brute Logic☆273Updated 4 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆149Updated last year
- ☆156Updated 2 years ago
- ♥☆149Updated 2 weeks ago
- ☆43Updated 8 months ago
- De-clutter a list of URLs☆347Updated 10 months ago
- ☆174Updated last month
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆285Updated last year
- A fancier postMessage tracker with Chrome Manifest version V3 support and a few additional features, inspired by Frans Rosens postmessage…☆71Updated 2 weeks ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆204Updated 2 months ago
- Remote CLI tools at your fingertips☆95Updated last year
- This repository stores some of my custom BCheck Scan configurations. Its goal is to identify intriguing elements that warrant further man…☆102Updated last year
- Self-hosted bug bounty programs that are "scammy" or unethical☆144Updated 4 months ago
- This repo contains different variants of Bug Bounty & Security & Pentest & Tech related Articles☆48Updated 8 months ago
- 403Bypasser is a simple plugin that lets you bypass 403 status code by transforming HTTP requests with custom templates.☆89Updated last month
- All About Dependency Confusion Attack, (Detecting, Finding, Mitigating)☆299Updated last year
- A comprehensive list of custom filters for Logger++ to identify various vulnerabilities in different API styles☆223Updated 11 months ago
- A subdomain fuzzing tool☆169Updated last year
- Automated tool for domains & subdomains gathering☆189Updated 2 years ago
- ☆99Updated 2 years ago
- ☆248Updated 4 years ago
- ☆199Updated last year
- ☆76Updated last year
- Go scanner to find web cache poisoning vulnerabilities in a list of URLs☆144Updated last year
- Burp extension to create target specific and tailored wordlist from burp history.☆247Updated 3 years ago
- Chrome extension for automating CSPT discovery☆103Updated 3 months ago