doyensec / awesome-electronjs-hackingLinks
A curated list of awesome resources about Electron.js (in)security
☆647Updated 4 months ago
Alternatives and similar repositories for awesome-electronjs-hacking
Users that are interested in awesome-electronjs-hacking are comparing it to the libraries listed below
Sorting:
- ☆688Updated 3 years ago
- Prototype Pollution and useful Script Gadgets☆1,525Updated last year
- ☆1,192Updated 3 years ago
- Client Side Prototype Pollution Scanner☆520Updated 3 years ago
- Content-Type Research☆635Updated 2 months ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-icon☆1,216Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆901Updated 3 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆442Updated last month
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆374Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆754Updated 3 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆647Updated last year
- Electron JS Browser To Find XSS Vulnerabilities Automatically☆740Updated 4 years ago
- ☆697Updated 10 months ago
- A ready to use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.☆727Updated last year
- NodeJS Red-Team Cheat Sheet☆220Updated 6 years ago
- Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.☆1,023Updated last month
- List DTDs and generate XXE payloads using those local DTDs.☆640Updated last year
- A cheatsheet for exploiting server-side SVG processors.☆770Updated 5 years ago
- Public Roadmap | huntr.dev☆266Updated last year
- Simple DNS Rebinding Service☆688Updated 5 years ago
- DNS rebinding toolkit☆255Updated 2 years ago
- A curated list of awesome browser security learning material.☆144Updated 2 years ago
- ☆555Updated 6 months ago
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..e…☆990Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆389Updated 3 years ago
- This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests a…☆341Updated 4 years ago
- Collections of Orange Tsai's public presentation slides.☆743Updated 8 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀☆637Updated last month
- a javascript change monitoring tool for bugbounties☆663Updated last year
- Simple websites vulnerable to Server Side Template Injections(SSTI)☆402Updated 2 years ago