SoheilKhodayari / JAWLinks
JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
☆111Updated 8 months ago
Alternatives and similar repositories for JAW
Users that are interested in JAW are comparing it to the libraries listed below
Sorting:
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆51Updated last year
- Testability Pattern Catalogs for SAST☆31Updated 6 months ago
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆33Updated 5 months ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆53Updated last week
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆73Updated last year
- YuraScanner☆48Updated 6 months ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆253Updated 10 months ago
- CodeQL zero to hero blog post series challenges☆140Updated 2 months ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆55Updated 4 months ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆95Updated last year
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆76Updated 3 years ago
- XS-Leak Browser Test Suite☆83Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆155Updated last year
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago
- Artifact for ICSE 2023☆49Updated 2 years ago
- List of Trusted Types bypasses☆101Updated last year
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆18Updated last year
- Companion repository of the "Dancer in the Dark" paper.☆19Updated last year
- XBOW Validation Benchmarks☆220Updated 2 months ago
- A framework for identifying vulnerabilities in VS Code extensions☆18Updated last year
- A web browser with dynamic data-flow tracking enabled in the Javascript engine and DOM, based on Mozilla Firefox (https://github.com/mozi…☆116Updated 3 weeks ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- Awesome MXSS ??☆52Updated 11 months ago
- AutoSpear☆66Updated last year
- A structure-aware HTTP fuzzing library☆214Updated 8 months ago
- This repository is a one-stop shop for diving deep into the fascinating world of mXSS (mutations caused by browser quirks in HTML parsing…☆24Updated 6 months ago
- ☆28Updated 3 years ago
- A curated list of awesome browser security learning material.☆143Updated 2 years ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆204Updated 6 months ago
- CodeQL queries developed by Trail of Bits☆112Updated 2 months ago