Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
☆176Mar 25, 2026Updated last month
Alternatives and similar repositories for beyond-xss
Users that are interested in beyond-xss are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Generate DOM clobbering attack vectors for you.☆35Jun 3, 2025Updated 11 months ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆61Dec 18, 2025Updated 5 months ago
- Awesome MXSS ??☆57Sep 30, 2024Updated last year
- ☆33Jan 31, 2026Updated 3 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆229Feb 6, 2025Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Content-Type Research☆664Jun 29, 2025Updated 10 months ago
- Prototype Pollution and useful Script Gadgets☆1,620Jan 27, 2024Updated 2 years ago
- A Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidde…☆441Apr 24, 2026Updated 3 weeks ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆58Feb 5, 2026Updated 3 months ago
- static sites for blog.orange.tw☆22Dec 31, 2025Updated 4 months ago
- Passively check for XSS character encodings☆19Mar 9, 2026Updated 2 months ago
- Research paper repository for "A Hand Structure-Based Mobile Authentication Solution to the Security-Reliability Trade-off" Paper from NJ…☆13Jul 30, 2023Updated 2 years ago
- EvenBetter is a frontend Caido plugin that makes the Caido experience even better 😎☆162Feb 11, 2026Updated 3 months ago
- Monorepo for challenges, infra, and theming for UIUCTF 2024 (https://2024.uiuc.tf/)☆17Jul 14, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- HITCON 2024 x DEVCORE Wargame☆31Aug 30, 2024Updated last year
- CodeQL zero to hero blog post series challenges☆171Sep 29, 2025Updated 7 months ago
- 10,000 H1 Disclosed Reports☆120May 10, 2024Updated 2 years ago
- nativeRasp that can hook native methods☆23Apr 24, 2023Updated 3 years ago
- A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.☆794Dec 9, 2025Updated 5 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,310Jan 26, 2024Updated 2 years ago
- 🏴 🏴 🏴☆106Aug 28, 2025Updated 8 months ago
- WeCTF 2022 Source Code & Organizer's Writeup☆33Jun 12, 2022Updated 3 years ago
- XS-Leaks Wiki☆181Mar 13, 2026Updated 2 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Subbdom API Client☆13Feb 7, 2025Updated last year
- Quick research done on some bug bounty blogs! Check em out :)☆152Jan 19, 2025Updated last year
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆50Aug 31, 2025Updated 8 months ago
- My security presentations☆28Aug 21, 2023Updated 2 years ago
- some fun php exploits☆81Nov 12, 2024Updated last year
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆94Aug 25, 2025Updated 8 months ago
- Differential testing framework for HTTP implementations☆933Jan 21, 2026Updated 3 months ago
- Elevate your bookmarking game with my latest Bookmark Toolkit. Engineered for ethical bookmarking and enhanced web exploration, it delive…☆49Apr 5, 2025Updated last year
- A tool which helps identifying client-side prototype polluting libraries☆39May 1, 2025Updated last year
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- public archive for corCTF 2022☆37Aug 16, 2022Updated 3 years ago
- ☆11May 25, 2024Updated last year
- Make exploiting race conditions in web applications highly efficient and ease-of-use.☆25Jun 18, 2025Updated 11 months ago
- ☆11Jun 8, 2022Updated 3 years ago
- Scripts and other stuff.☆132Mar 9, 2026Updated 2 months ago
- EvenBetterExtensions allows you to quicky install and keep updated Caido extensions.☆22Sep 26, 2024Updated last year
- MapperPlus facilitates the extraction of source code from a collection of targets that have publicly exposed .js.map files.☆300Oct 5, 2024Updated last year