google / csp-evaluator
☆354Updated 2 months ago
Alternatives and similar repositories for csp-evaluator:
Users that are interested in csp-evaluator are comparing it to the libraries listed below
- WebAppSec Content Security Policy☆217Updated last month
- XS-Leaks Wiki☆161Updated 2 months ago
- A collection of browser-based side channel attack vectors.☆746Updated last year
- A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.☆620Updated last month
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆236Updated 5 months ago
- Content released at NorthSec 2018 for my talk on prototype pollution☆526Updated 11 months ago
- The request.bin of DNS request☆235Updated 6 years ago
- research☆151Updated last year
- Automatically exported from code.google.com/p/domxsswiki☆531Updated 6 years ago
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆420Updated 5 months ago
- Burp/ZAP/Maven extension that integrate Retire.js repository to find vulnerable Javascript libraries.☆204Updated 10 months ago
- ☆539Updated 3 weeks ago
- ☆144Updated 2 years ago
- A simple SSRF-testing sheriff written in Go☆326Updated 5 months ago
- ☆676Updated 2 years ago
- Cure53 Browser Security White Paper☆294Updated 7 years ago
- Simple DNS Rebinding Service☆650Updated 5 years ago
- Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"☆203Updated 2 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆313Updated last year
- Apache Solr Injection Research☆571Updated 5 years ago
- 🏴☠️ Bypass Same Origin Policy with DNS-rebinding to retrieve local server files 🏴☠️☆199Updated 6 years ago
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆349Updated 2 years ago
- Database schema☆210Updated last month
- Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …☆161Updated last year
- ☆269Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆358Updated 8 months ago
- A tool to perform Sequential Import Chaining☆264Updated 5 years ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systems☆718Updated 8 months ago
- ☆983Updated 2 weeks ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago