A collection of curated resources and CVEs I use for research.
☆109Aug 8, 2021Updated 4 years ago
Alternatives and similar repositories for browser-exploitation
Users that are interested in browser-exploitation are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An updated collection of resources targeting browser-exploitation.☆834Mar 8, 2021Updated 5 years ago
- My Chrome and Safari exploit code + write-up repo☆533Nov 5, 2021Updated 4 years ago
- Exploit for a bug in TurboFan's typing of JSCall nodes for builtins kStringLastIndexOf and kStringIndexOf☆59Apr 25, 2019Updated 7 years ago
- JavaScript Fuzzing framework for v8☆143Jan 24, 2022Updated 4 years ago
- 2018 Advent Calendar browser pwnables☆14Feb 14, 2019Updated 7 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- My journey through WebKit CVE-2016-4622 Exploitation process☆23Jul 29, 2025Updated 11 months ago
- ☆144Aug 17, 2022Updated 3 years ago
- ☆105Dec 9, 2019Updated 6 years ago
- Include CVE vulnerability analyze, ctf pwn and documents for Browser-pwn☆187Dec 25, 2020Updated 5 years ago
- General tips and advice for becoming interested in research, finding a suitable topic, and setting goals.☆28Mar 17, 2021Updated 5 years ago
- A collection of 1days and solutions to challenges related to v8/chrome I developed☆163Oct 28, 2019Updated 6 years ago
- Full chain Chrome 71.0.3578.98 exploit☆21Jul 18, 2021Updated 4 years ago
- ☆35Jun 14, 2021Updated 5 years ago
- Security issues I've reported in Edge☆47Oct 19, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- awesome list of browser exploitation tutorials☆2,286Sep 18, 2023Updated 2 years ago
- ☆40Jan 26, 2024Updated 2 years ago
- Exploit for CVE-2018-4233, a WebKit JIT optimization bug used during Pwn2Own 2018☆178Feb 7, 2024Updated 2 years ago
- A Collection of Chrome Sandbox Escape POCs/Exploits for learning☆867Jun 4, 2020Updated 6 years ago
- Repo for talk slides & materials☆21Nov 22, 2024Updated last year
- PoC exploit for CVE-2016-4622☆108Sep 18, 2023Updated 2 years ago
- ☆17Jan 31, 2023Updated 3 years ago
- Browser exploitation v8 and sandbox escape challenges with solutions.☆31May 10, 2022Updated 4 years ago
- Collection of browser challenges☆138May 3, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Files for the "v9" challenge of 34C3 CTF. See the greeting message in server.go for more information about the challenge☆90Feb 14, 2019Updated 7 years ago
- Exploit for the [pwn] just-in-time challenge from google ctf 2018's finals (TurboFan bug)☆60Jan 26, 2019Updated 7 years ago
- ☆50Jul 20, 2020Updated 5 years ago
- A proper well structured documentation for getting started with chrome pwning & v8 pwning☆197Jul 27, 2022Updated 3 years ago
- Corpus of public v8 vulnerability PoCs.☆224Jun 5, 2021Updated 5 years ago
- Webkit Browser Exploitation Framework written in Javascript☆11Mar 3, 2019Updated 7 years ago
- Various debugging tools such as %DumpObjects for v8☆54Jan 23, 2019Updated 7 years ago
- CVE-2020-3992 & CVE-2019-5544☆67Feb 5, 2021Updated 5 years ago
- Quarantine bypass and RCE vulnerability in Sketch (proof-of-concept)☆12Nov 22, 2021Updated 4 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Fuzzing JavaScript Engines with Aspect-preserving Mutation☆232Oct 18, 2023Updated 2 years ago
- ☆82Nov 17, 2022Updated 3 years ago
- ☆29Jul 18, 2025Updated 11 months ago
- PoC for CVE-2022-28281 a Mozilla Firefox Out of bounds write.☆73Apr 8, 2022Updated 4 years ago
- ☆85Oct 29, 2023Updated 2 years ago
- fuzz the linux kernel bpf verifier☆82Oct 9, 2021Updated 4 years ago
- ☆14Jun 21, 2020Updated 6 years ago