A collection of js analysis tools & scripts.
☆18May 4, 2026Updated this week
Alternatives and similar repositories for js-analysis-tools
Users that are interested in js-analysis-tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- a recon framework that facilitates discovering, scanning and monitoring assets trough a configurable engine running on serverless aws inf…☆11Aug 26, 2024Updated last year
- CRLF Detection based on @BlackFan 's work See link below☆17Mar 14, 2024Updated 2 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆16Jul 17, 2024Updated last year
- Caido's passive workflow to find potential leaked secrets, PII, and sensitive fields.☆26Jan 13, 2025Updated last year
- Javascript sourcemaps enumeration tool☆16Dec 19, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Collection of rules for Static Application Security Testing (SAST) with Semgrep☆12Apr 16, 2025Updated last year
- ☆17Oct 15, 2024Updated last year
- A Firefox Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆28Dec 9, 2024Updated last year
- The Nen Book is a list of personal notes and tips collected from a lot of recourses in different categories like: WebApp Security, API S…☆36Sep 4, 2025Updated 8 months ago
- Crawlex is a powerful Chrome extension designed to assist bug bounty hunters in their work by enabling easy crawling of all possible URLs…☆12May 28, 2023Updated 2 years ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Feb 26, 2025Updated last year
- A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements☆29Dec 18, 2022Updated 3 years ago
- ☆90Sep 20, 2024Updated last year
- API Security University & PortSwigger Academy Study Notes☆24Nov 13, 2025Updated 5 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This repository is for the Testing ASP.NET ViewState with YSoNet (YSoSerial.NET) workshop.☆24Dec 17, 2025Updated 4 months ago
- Boyer-Moore search algorithm in Go☆15Apr 6, 2022Updated 4 years ago
- Advanced test for proxy & waf☆14Feb 10, 2026Updated 2 months ago
- Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"☆15Dec 12, 2024Updated last year
- A program for collecting subdomains of a list of given second-level domains (SLD)☆15Feb 10, 2026Updated 2 months ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆46Jun 3, 2024Updated last year
- Get some useful data from Clouds for your targets☆20Updated this week
- A web server designed to shut off on command to exploit DNS rebinding in Chromium-based browsers☆19Jun 9, 2023Updated 2 years ago
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Application for showcasing Android Deep Link and WebView Vulnerabilities☆18Mar 22, 2023Updated 3 years ago
- Private vulnerability testing suite☆13Mar 30, 2021Updated 5 years ago
- ☆178Oct 15, 2024Updated last year
- ☆210Jul 11, 2024Updated last year
- Your bloodhound for hidden info in those JS files.☆17May 13, 2024Updated last year
- Seecurity helper tool to detect entry points of WordPress plugins☆10May 16, 2024Updated last year
- Archive Alchemist is a tool for creating specially crafted archives to test extraction vulnerabilities.☆231Jul 24, 2025Updated 9 months ago
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆165Jul 2, 2024Updated last year
- Create your own recon & vulnerability scanner with Trickest and GitHub☆48Sep 25, 2023Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Port Swigger Labs divided on the based of level and topic.☆14Mar 15, 2022Updated 4 years ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆792Dec 9, 2025Updated 4 months ago
- Find subdomains on GitLab.☆108Apr 28, 2024Updated 2 years ago
- Java安全,漏洞分析/挖掘/利用☆14Mar 14, 2023Updated 3 years ago
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- A collection of in-depth studies authored by me on JavaScript engine vulnerabilities.☆49Feb 6, 2026Updated 3 months ago
- File system enumerator and monitor for Android and Ubuntu.☆17Sep 25, 2021Updated 4 years ago