SonarSource / mxss-cheatsheet
This repository is a one-stop shop for diving deep into the fascinating world of mXSS (mutations caused by browser quirks in HTML parsing). providing a curated list of examples that showcase unexpected HTML behaviors.
☆18Updated last month
Alternatives and similar repositories for mxss-cheatsheet:
Users that are interested in mxss-cheatsheet are comparing it to the libraries listed below
- Awesome MXSS ??☆49Updated 6 months ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆48Updated 5 months ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆45Updated last year
- A collection of Server-Side Prototype Pollution gadgets and exploits☆183Updated 2 months ago
- List of Trusted Types bypasses☆91Updated last year
- Proof of Concepts for unsafe deserialization in Ruby☆17Updated 6 months ago
- Same Origin XSS challenge☆56Updated 3 years ago
- ☆18Updated 3 months ago
- Guided Differential Fuzzing for HTTP Request Parsing Discrepancies☆17Updated last year
- ☆74Updated 6 months ago
- ☆62Updated 2 years ago
- a repository of all the CTF challenges I've made for public events☆54Updated last year
- Find all libraries on cdn.js that pollute your prototype☆18Updated 2 years ago
- Challenges I wrote for various CTF competitions☆41Updated 8 months ago
- ✨ Build a beautiful and simple website in literally minutes. Demo at https://beautifuljekyll.com☆21Updated 2 years ago
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆12Updated last year
- Here i will post my writeups :)☆32Updated 2 years ago
- public archive for corCTF 2022☆35Updated 2 years ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated 9 months ago
- HTML Universal Identifier☆64Updated 4 months ago
- ☆14Updated last month
- justCTF 2023 challenges sources☆16Updated last year
- Prototype Pollution exploits collection☆32Updated 3 years ago
- XS-Leak Browser Test Suite☆80Updated last year
- Dependency Confusion Security Testing Tool☆47Updated 2 years ago
- ☆29Updated this week
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last month
- ☆16Updated 3 years ago
- Updated version of the ProtoBurp Extension, with enhanced features and capabilities to encode and fuzz custom protobuf messages☆36Updated last year