google / safe-html-types

Related projects ⓘ

Alternatives and complementary repositories for safe-html-types

• shapesecurity / salvation
  Parse Content Security Policy headers, warn about policy errors, safely manipulate, render, and optimise policies
  ☆68Updated 2 months ago
• victims / maven-security-versions
  Identify vulnerable libraries in Maven dependencies
  ☆45Updated last year
• WICG / csp-next
  A Modest Content Security Proposal
  ☆40Updated 3 years ago
• spoofzu / jvmxray
  Externalize Java application access to protected resources as log messages.
  ☆41Updated 6 months ago
• google / security-crawl-maze
  Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link …
  ☆155Updated 9 months ago
• kantega / notsoserial
  Java Agent which mitigates deserialisation attacks by making certain classes unserializable
  ☆185Updated 8 years ago
• JLLeitschuh / lgtm_hack_scripts
  Collection of python helper API's for interacting with LGTM.com in ways the official API doesn't support.
  ☆23Updated 2 years ago
• w3c / webappsec-csp
  WebAppSec Content Security Policy
  ☆210Updated last month
• olivo / redos-detector
  A tool for detecting regular expression denial-of-service vulnerabilities in Android apps.
  ☆33Updated 8 years ago
• victims / victims-cve-db
  CVE database store
  ☆129Updated 4 years ago
• w3c / webappsec-fetch-metadata
  Fetch Metadata
  ☆75Updated 6 months ago
• mozilla / eslint-plugin-no-unsanitized
  Custom ESLint rule to disallows unsafe innerHTML, outerHTML, insertAdjacentHTML and alike
  ☆231Updated this week
• mozfreddyb / eslint-plugin-scanjs-rules
  rules for scanjs functionality
  ☆28Updated 3 years ago
• mikewest / strict-csp-for-everyone
  This is both a terrible and wonderful idea.
  ☆10Updated 5 years ago
• cschneider4711 / SWAT
  Serial Whitelist Application Trainer
  ☆29Updated 5 years ago
• GrrrDog / TLS-Redirection
  TLS Redirection
  ☆118Updated 7 years ago
• OWASP / packman
  A documentation and tracking project with the goal of making package management systems more secure.
  ☆49Updated 3 years ago
• Contrast-Security-OSS / joogle
  A static analysis API for finding deserialization attack gadgets
  ☆38Updated 2 years ago
• Contrast-Security-OSS / contrast-rO0
  A tiny Java agent that blocks attacks against unsafe deserialization
  ☆83Updated 7 years ago
• mveytsman / dilettante
  Maven central doesn't do SSL when serving you JARs. Dilettante is a MiTM proxy for exploiting that.
  ☆159Updated 2 years ago
• MozillaSecurity / octo
  A fuzzing library in JavaScript. ✨
  ☆117Updated last month
• cweb / unicode-hax
  A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.
  ☆42Updated 7 years ago
• nccgroup / glasgo
  Go static analysis tool that checks for security issues using an AST.
  ☆28Updated 6 years ago
• mikewest / scheming-cookies
  Cookies should take scheme into account, just like every other storage mechanism on the web.
  ☆16Updated 4 years ago
• mikewest / deprecating-document-domain
  `document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
  ☆16Updated last year
• Semmle / SecurityQueries
  Deprecated: Please visit https://github.com/github/codeql instead.
  ☆81Updated 2 years ago
• eBay / DASTProxy
  ☆58Updated last month
• srcclr / build-inspector
  Inspect your builds to look for changes in filesystem, network traffic and running processes.
  ☆13Updated 6 years ago
• planetlevel / jot
  Java Observability Toolkit
  ☆61Updated 5 months ago
• mozilla-services / websec-check
  web security checklist for Firefox Services
  ☆74Updated 3 years ago