SoheilKhodayari / Basta-COSI

Related projects ⓘ

Alternatives and complementary repositories for Basta-COSI

• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆40Updated last year
• fransr / hot-jar-swapping-urlclassloader
  Demo of the URLClassLoader JAR-swapping showing the ability to replace and exploit an already loaded JAR with inner classes
  ☆30Updated last year
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆86Updated 7 months ago
• mariussteffens / pmforce
  Source code for ACM CCS 2020 Paper PMForce: Systematically Analyzing postMessage Handlers at Scale
  ☆17Updated 3 years ago
• federicodotta / protobuf-decoder
  A simple Google Protobuf Decoder for Burp
  ☆42Updated 2 years ago
• RandomRobbieBF / service-now
  Service-Now Article Bruteforcer
  ☆16Updated 4 years ago
• testable-eu / sast-testability-patterns
  Testability Pattern Catalogs for SAST
  ☆29Updated 8 months ago
• terjanq / XSS-Challenge-Solutions
  This repository is an interactive collection of my solutions to various XSS challenges.
  ☆11Updated 4 years ago
• pry0cc / nahamcon-axiom-demo-2021
  The commands and scripts I used in the Live Recon Village talks
  ☆38Updated 3 years ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆101Updated last week
• dillonfranke / protoburp
  Encode and Fuzz Custom Protobuf Messages in Burp Suite
  ☆30Updated last year
• rootxharsh / workshoplabs
  Labs from our workshop "Demystifying the server-side".
  ☆17Updated 2 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆81Updated last year
• SoheilKhodayari / DOMClobbering
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆44Updated last week
• LewisArdern / metasecjs
  MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts
  ☆78Updated last year
• alalng / CVE-2022-44789
  ☆12Updated last year
• janmasarik / bugshop
  ☆44Updated 4 years ago
• TROUBLE-1 / Type-juggling
  Lab that will help you to understand how type juggling vulnerability works.
  ☆22Updated 4 years ago
• 1lastBr3ath / XSleaks
  Chrome extension to detect possible xsleaks
  ☆12Updated 5 years ago
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆67Updated 3 years ago
• ndavison / circleci-logs
  CircleCI log and security configuration automations
  ☆22Updated 4 years ago
• physics-sec / DetectCrossOriginMessaging
  This Burp extension helps you to find usages of postMessage and recvMessage
  ☆15Updated 4 years ago
• i5nipe / android-scripts
  Some simple scripts that I use during bug bounty hunting in Android Apps
  ☆30Updated 5 months ago
• ko2sec / apkizer
  apkizer is a mass downloader for android applications for all available versions.
  ☆46Updated 3 years ago
• semgrep-old / rules-owasp-asvs
  Semgrep rules corresponding to the OWASP ASVS standard
  ☆27Updated 4 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆84Updated 3 years ago
• parrot409 / Parmy
  A extension for collecting parameters
  ☆25Updated 4 years ago
• honoki / wilson-cloud-respwnder
  WILSON Cloud Respwnder is a Web Interaction Logger Sending Out Notifications with the ability to serve custom content in order to appropr…
  ☆51Updated 2 months ago
• cristianstaicu / SecBench.js
  ☆28Updated last month
• ShiftLeftSecurity / flask-webgoat
  flask-webgoat is a deliberately-vulnerable application written with the Flask web framework.
  ☆19Updated 4 months ago