aszx87410 / beyond-xss
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
☆103Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for beyond-xss
- A collection of Server-Side Prototype Pollution gadgets and exploits☆132Updated 2 months ago
- Awesome MXSS ??☆45Updated last month
- Here i will post my writeups :)☆31Updated last year
- Challenges I wrote for various CTF competitions☆39Updated 3 months ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆43Updated this week
- ☆87Updated 11 months ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆115Updated last week
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆103Updated 4 months ago
- PP-finder Help you find gadget for prototype pollution exploitation☆137Updated 3 months ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆29Updated 2 weeks ago
- Searcher for cross-site leaks (XS-Leaks)☆81Updated last year
- Client-Side Prototype Pollution Tools☆84Updated 3 years ago
- ☆65Updated last month
- Same Origin XSS challenge☆56Updated 2 years ago
- HTTP/2 Single Packet Attack low Level Library / Tool based on Scapy + Exploit Timing Attacks☆138Updated this week
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆63Updated 7 months ago
- CVE-2023-33733 reportlab RCE☆112Updated last year
- Bambdas collection for Burp Suite Professional and Community.☆203Updated last week
- Need any help bypassing CSP ?☆24Updated 3 years ago
- CSPTPlayground is an open-source playground to find and exploit Client-Side Path Traversal (CSPT).☆79Updated last month
- Find all libraries on cdn.js that pollute your prototype☆19Updated 2 years ago
- a repository of all the CTF challenges I've made for public events☆47Updated last year
- ctf writeups☆62Updated 2 years ago
- A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON☆112Updated 7 months ago
- Generates a `php://filter` chain that adds a prefix and a suffix to the contents of a file.☆177Updated last month
- jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic using the CLI tool jsluice☆245Updated 7 months ago
- gRPC-Web Pentesting Suite + Burp Suite Extension☆166Updated 4 months ago
- A chrome/Firefox extension to retrieve and load react javascript chunks all at once for a wide range of javascript techs☆60Updated 3 months ago
- Header Exploitation HTTP☆142Updated this week
- A tool which helps identifying client-side prototype polluting libraries☆36Updated 6 months ago