cispa / persistent-clientside-xss
Exploit generator and Taint Engine to find persistent (and reflected) client-side XSS
☆25Updated 5 years ago
Alternatives and similar repositories for persistent-clientside-xss:
Users that are interested in persistent-clientside-xss are comparing it to the libraries listed below
- ☆23Updated 6 years ago
- ☆17Updated 6 years ago
- Additional materials for RootedCON 2015 Apache Struts talk☆30Updated 10 years ago
- ☆34Updated 5 years ago
- XSS payloads for edge cases☆34Updated 6 years ago
- My solution for GitHub Security Lab CTF 4: CodeQL and Chill - The Java Edition☆19Updated 4 years ago
- Jira未授权SSRF漏洞☆31Updated 5 years ago
- some codeql rules☆13Updated 5 years ago
- TAP: A Static Analysis Model for PHP Vulnerabilities Based on Token and Deep Learning Technology☆14Updated 5 years ago
- ☆34Updated 2 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- ☆15Updated 3 years ago
- 2 web tasks from ZeroNights HackQuest 2016☆50Updated 8 years ago
- source code of XCTF 2019 Final web task "tfboys"☆29Updated 2 years ago
- A fast generative fuzzer for HTTP☆17Updated 6 years ago
- ☆76Updated 11 years ago
- Place for random PoCs☆17Updated 4 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆9Updated 5 years ago
- My CodeQL queries collection☆96Updated last year
- Exploiting CVE-2017-7525 demo project with Angular7 frontend and Spring.☆17Updated 6 years ago
- Personal CodeQL queries☆61Updated last week
- XXE injection (file disclosure) exploit for Apache OFBiz < 16.11.04☆14Updated 6 years ago
- Confluence Widget Connector RCE☆39Updated 6 years ago
- An example repository that demonstrates how the build custom CodeQL bundles that include query customizations through the `Customizations…☆25Updated 2 years ago
- Some exploits to bypass Safer Mode in Ghostscript☆16Updated 4 years ago
- ☆20Updated 5 years ago
- Collection of AI and Security Papers☆27Updated 5 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Updated 3 years ago
- Challenges I created for 35c3☆48Updated 6 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆122Updated 7 years ago