Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
☆176Oct 27, 2025Updated 4 months ago
Alternatives and similar repositories for beyond-xss
Users that are interested in beyond-xss are comparing it to the libraries listed below
Sorting:
- Generate DOM clobbering attack vectors for you.☆35Jun 3, 2025Updated 9 months ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆61Dec 18, 2025Updated 2 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆227Feb 6, 2025Updated last year
- static sites for blog.orange.tw☆23Dec 31, 2025Updated 2 months ago
- ☆31Jan 31, 2026Updated last month
- Awesome MXSS ??☆56Sep 30, 2024Updated last year
- Passively check for XSS character encodings☆18Mar 1, 2026Updated last week
- Content-Type Research☆656Jun 29, 2025Updated 8 months ago
- Prototype Pollution and useful Script Gadgets☆1,589Jan 27, 2024Updated 2 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆59Feb 5, 2026Updated last month
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…☆434Oct 16, 2025Updated 4 months ago
- Monorepo for challenges, infra, and theming for UIUCTF 2024 (https://2024.uiuc.tf/)☆17Jul 14, 2024Updated last year
- 10,000 H1 Disclosed Reports☆118May 10, 2024Updated last year
- A tool which helps identifying client-side prototype polluting libraries☆39May 1, 2025Updated 10 months ago
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆27Jun 18, 2025Updated 8 months ago
- CodeQL zero to hero blog post series challenges☆164Sep 29, 2025Updated 5 months ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆161Feb 11, 2026Updated 3 weeks ago
- Scripts and other stuff.☆132Nov 22, 2023Updated 2 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,293Jan 26, 2024Updated 2 years ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆777Dec 9, 2025Updated 3 months ago
- Differential testing framework for HTTP implementations☆926Jan 21, 2026Updated last month
- My security presentations☆29Aug 21, 2023Updated 2 years ago
- All The Notes And Tips I FOund In Github And Twitter I Put Them Here☆35Aug 31, 2020Updated 5 years ago
- WeCTF 2022 Source Code & Organizer's Writeup☆31Jun 12, 2022Updated 3 years ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆91Aug 25, 2025Updated 6 months ago
- Source code and writeups for CSCTF'24!☆18Sep 15, 2024Updated last year
- HITCON 2024 x DEVCORE Wargame☆31Aug 30, 2024Updated last year
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆48Aug 31, 2025Updated 6 months ago
- XS-Leaks Wiki☆178May 29, 2025Updated 9 months ago
- EvenBetterExtensions allows you to quicky install and keep updated Caido extensions.☆22Sep 26, 2024Updated last year
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆286Oct 5, 2024Updated last year
- some fun php exploits☆82Nov 12, 2024Updated last year
- 静态分析基础教程☆180Jan 3, 2026Updated 2 months ago
- All challenges from DiceCTF 2023☆74Feb 6, 2023Updated 3 years ago
- Research paper repository for "A Hand Structure-Based Mobile Authentication Solution to the Security-Reliability Trade-off" Paper from NJ…☆13Jul 30, 2023Updated 2 years ago
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆149Dec 9, 2024Updated last year
- public archive for corCTF 2022☆37Aug 16, 2022Updated 3 years ago
- ☆64Mar 14, 2024Updated last year
- 🏴 🏴 🏴☆106Aug 28, 2025Updated 6 months ago