A collection of js analysis tools & scripts.
☆19May 4, 2026Updated last month
Alternatives and similar repositories for js-analysis-tools
Users that are interested in js-analysis-tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…☆11Aug 26, 2024Updated last year
- CRLF Detection based on @BlackFan 's work See link below☆17Mar 14, 2024Updated 2 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆16Jul 17, 2024Updated last year
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆28Jan 13, 2025Updated last year
- Javascript sourcemaps enumeration tool☆16Dec 19, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Collection of rules for Static Application Security Testing (SAST) with Semgrep☆13Apr 16, 2025Updated last year
- ☆17Oct 15, 2024Updated last year
- A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆28Dec 9, 2024Updated last year
- The Nen Book is a list of personal notes and tips collected from a lot of recourses in different categories like: WebApp Security, API S…☆37Sep 4, 2025Updated 9 months ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 3 years ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements☆29Dec 18, 2022Updated 3 years ago
- ☆92Sep 20, 2024Updated last year
- API Security University & PortSwigger Academy Study Notes☆25Nov 13, 2025Updated 7 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆25Dec 17, 2025Updated 6 months ago
- Boyer-Moore search algorithm in Go☆15Apr 6, 2022Updated 4 years ago
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 4 months ago
- Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"☆16Dec 12, 2024Updated last year
- A program for collecting subdomains of a list of given second-level domains (SLD)☆15Feb 10, 2026Updated 4 months ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆46Jun 3, 2024Updated 2 years ago
- Get some useful data from Clouds for your targets☆20Updated this week
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆19Jun 9, 2023Updated 3 years ago
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Application for showcasing Android Deep Link and WebView Vulnerabilities☆18Mar 22, 2023Updated 3 years ago
- Private vulnerability testing suite☆13Mar 30, 2021Updated 5 years ago
- ☆179Oct 15, 2024Updated last year
- ☆212Jul 11, 2024Updated last year
- Your bloodhound for hidden info in those JS files.☆17May 13, 2024Updated 2 years ago
- Seecurity helper tool to detect entry points of WordPress plugins☆10May 16, 2024Updated 2 years ago
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆236Jul 24, 2025Updated 10 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆166Jul 2, 2024Updated last year
- Create your own recon & vulnerability scanner with Trickest and GitHub☆47Sep 25, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆802Dec 9, 2025Updated 6 months ago
- Port Swigger Labs divided on the based of level and topic.☆14Mar 15, 2022Updated 4 years ago
- Java安全,漏洞分析/�挖掘/利用☆14Mar 14, 2023Updated 3 years ago
- Find subdomains on GitLab.☆106Apr 28, 2024Updated 2 years ago
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- A collection of in-depth studies authored by me on JavaScript engine vulnerabilities.☆49Feb 6, 2026Updated 4 months ago
- File system enumerator and monitor for Android and Ubuntu.☆17Sep 25, 2021Updated 4 years ago