google / safe-html-types
Security contract types
☆61Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for safe-html-types
- Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies☆68Updated 2 months ago
- Identify vulnerable libraries in Maven dependencies☆45Updated last year
- A Modest Content Security Proposal☆40Updated 3 years ago
- Externalize Java application access to protected resources as log messages.☆41Updated 6 months ago
- Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …☆155Updated 9 months ago
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆185Updated 8 years ago
- Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.☆23Updated 2 years ago
- WebAppSec Content Security Policy☆210Updated last month
- A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.☆33Updated 8 years ago
- CVE database store☆129Updated 4 years ago
- Fetch Metadata☆75Updated 6 months ago
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆231Updated this week
- rules for scanjs functionality☆28Updated 3 years ago
- This is both a terrible and wonderful idea.☆10Updated 5 years ago
- Serial Whitelist Application Trainer☆29Updated 5 years ago
- TLS Redirection☆118Updated 7 years ago
- A documentation and tracking project with the goal of making package management systems more secure.☆49Updated 3 years ago
- A static analysis API for finding deserialization attack gadgets☆38Updated 2 years ago
- A tiny Java agent that blocks attacks against unsafe deserialization☆83Updated 7 years ago
- Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.☆159Updated 2 years ago
- A fuzzing library in JavaScript. ✨☆117Updated last month
- A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.☆42Updated 7 years ago
- Go static analysis tool that checks for security issues using an AST.☆28Updated 6 years ago
- Cookies should take scheme into account, just like every other storage mechanism on the web.☆16Updated 4 years ago
- `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?☆16Updated last year
- Deprecated: Please visit https://github.com/github/codeql instead.☆81Updated 2 years ago
- ☆58Updated last month
- Inspect your builds to look for changes in filesystem, network traffic and running processes.☆13Updated 6 years ago
- Java Observability Toolkit☆61Updated 5 months ago
- web security checklist for Firefox Services☆74Updated 3 years ago