google / safe-html-types
Security contract types
☆61Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for safe-html-types
- A Modest Content Security Proposal☆39Updated 3 years ago
- Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …☆155Updated 8 months ago
- Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies☆68Updated 2 months ago
- Identify vulnerable libraries in Maven dependencies☆45Updated last year
- Externalize Java application access to protected resources as log messages.☆41Updated 5 months ago
- Discussion area for security aspects of ECMAScript☆64Updated 6 years ago
- WebAppSec Content Security Policy☆210Updated 3 weeks ago
- This is both a terrible and wonderful idea.☆10Updated 5 years ago
- web security checklist for Firefox Services☆74Updated 3 years ago
- Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike☆231Updated last month
- Secure Contexts, but with _more_ secureness!☆19Updated 6 months ago
- Serial Whitelist Application Trainer☆29Updated 5 years ago
- Go static analysis tool that checks for security issues using an AST.☆28Updated 5 years ago
- Cookies should take scheme into account, just like every other storage mechanism on the web.☆16Updated 4 years ago
- A fuzzing library in JavaScript. ✨☆117Updated 3 weeks ago
- CVE database store☆129Updated 4 years ago
- A documentation and tracking project with the goal of making package management systems more secure.☆49Updated 3 years ago
- Java Agent which mitigates deserialisation attacks by making certain classes unserializable☆185Updated 8 years ago
- Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.☆159Updated 2 years ago
- ☆171Updated 6 years ago
- CVE database☆22Updated 4 years ago
- Security advisories for Node.js and the JavaScript ecosystem.☆41Updated 3 years ago
- `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?☆16Updated last year
- A tiny Java agent that blocks attacks against unsafe deserialization☆83Updated 7 years ago
- Repository to showcase various configuration recipes with various technologies☆35Updated last year
- Fetch Metadata☆75Updated 6 months ago
- rules for scanjs functionality☆28Updated 3 years ago
- Evaluation Framework for Dependency Analysis (EFDA)☆42Updated 2 years ago
- An SSRF-preventing wrapper around Node's request module☆26Updated 6 years ago
- Record and Replay Engine for Web Browsers☆16Updated 9 years ago