A curated list of awesome browser security learning material.
☆151Nov 20, 2022Updated 3 years ago
Alternatives and similar repositories for awesome-browser-security
Users that are interested in awesome-browser-security are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Resources for Browser Security Research☆58Sep 17, 2022Updated 3 years ago
- rShellZ s a linux reverse-shell & exploitation assistance framework. With lots of payload and post exploitation modules.☆13Dec 13, 2023Updated 2 years ago
- An updated collection of resources targeting browser-exploitation.☆834Mar 8, 2021Updated 5 years ago
- Simple Kernel Extension to read and write Kernel Memory☆15Aug 18, 2022Updated 3 years ago
- Security test tool for Blind XSS☆26Mar 5, 2020Updated 6 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆17Jan 31, 2023Updated 3 years ago
- Top 2025 Vulnerabilities You Shouldn’t Accept in a Pentest Report☆14Feb 6, 2025Updated last year
- An extension to use Semgrep inside Burp Suite.☆90May 23, 2025Updated last year
- 2019年天融信阿尔法实验室在微信公众号发布的所有安全资讯汇总☆36Jan 11, 2021Updated 5 years ago
- ☆11Dec 26, 2023Updated 2 years ago
- QUESTER is a Web Pentesting & Bug Bounty Recon tool which queries URLs / Subdomains from the given list of URLs or subdomains.☆15Aug 2, 2021Updated 4 years ago
- Hands-on practical use of HTTP security headers as browser security controls to help secure web applications☆20May 18, 2026Updated last week
- awesome list of browser exploitation tutorials☆2,281Sep 18, 2023Updated 2 years ago
- Electron-Probe leverages the Node variant of the Chrome Debugging Protocol to execute JavaScript payloads inside of target Electron appli…☆29Jan 13, 2026Updated 4 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated last year
- Provides an overview of the inner file structure of a PDF☆24Sep 26, 2022Updated 3 years ago
- ☆45Nov 18, 2022Updated 3 years ago
- A GitHub Actions Supply Chain CTF / Goat☆27Apr 13, 2026Updated last month
- DEPRECATED, please use the new repository from OWASP: https://github.com/OWASP/raider☆139Sep 14, 2021Updated 4 years ago
- ☆12Jun 5, 2024Updated last year
- oauth security guidelines☆232Jun 25, 2019Updated 6 years ago
- Automate bug bounty recon using bash alias☆15Aug 6, 2024Updated last year
- POC for CLFS CVE-2022-24481☆14May 14, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- ☆34Apr 14, 2025Updated last year
- React Suspended is an educational frontend application riddled with security vulnerabilities☆10Updated this week
- Helper scripts for windows debugging with symbols for Bochs and IDA Pro (PDB files). Very handy for user mode <--> kernel mode☆19Aug 11, 2023Updated 2 years ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,315Jan 26, 2024Updated 2 years ago
- CVE-2021-38003 exploits extracted from https://twitter.com/WhichbufferArda/status/1609604183535284224☆37Jan 7, 2023Updated 3 years ago
- ☆61May 19, 2022Updated 4 years ago
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Jan 18, 2022Updated 4 years ago
- ☆298Jun 21, 2022Updated 3 years ago
- Composite GitHub CI Action containing the minimal viable security lint for brave repositories☆22May 23, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- WebGL fuzzer☆39Mar 13, 2023Updated 3 years ago
- Exploit for the [pwn] just-in-time challenge from google ctf 2018's finals (TurboFan bug)☆60Jan 26, 2019Updated 7 years ago
- ☆79Mar 24, 2023Updated 3 years ago
- Collection of browser challenges☆137May 3, 2021Updated 5 years ago
- ☆32Sep 6, 2021Updated 4 years ago
- Security issues I've reported in Edge☆46Oct 19, 2022Updated 3 years ago
- 🖇️ equivalence table between OWASP ASVS standard and STRIDE threat modeling methodology.☆76Aug 22, 2024Updated last year