jackfromeast/dom-clobbering-collection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jackfromeast/dom-clobbering-collection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jackfromeast/dom-clobbering-collection)

Close

jackfromeast / dom-clobbering-collectionView on GitHubMore

• External links
• Readme badge

A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.

☆50Aug 31, 2025Updated 9 months ago

Alternatives and similar repositories for dom-clobbering-collection

Users that are interested in dom-clobbering-collection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jackfromeast / TheHulk

  View on GitHub
  TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
  ☆95Aug 25, 2025Updated 9 months ago
• TheGrandPew / Sanity

  View on GitHub
  ☆17Jul 31, 2021Updated 4 years ago
• SoheilKhodayari / TheThing

  View on GitHub
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆58Oct 25, 2023Updated 2 years ago
• SECCON / SECCON2023_final_CTF

  View on GitHub
  ☆12Jan 10, 2024Updated 2 years ago
• kevin-mizu / GMSGadget

  View on GitHub
  This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…
  ☆143Feb 4, 2026Updated 4 months ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• Slonser / hui

  View on GitHub
  HTML Universal Identifier
  ☆68Dec 15, 2024Updated last year
• terjanq / XSS-Challenge-Solutions

  View on GitHub
  This repository is an interactive collection of my solutions to various XSS challenges.
  ☆13Oct 25, 2020Updated 5 years ago
• kevin-mizu / bot-ctf-template

  View on GitHub
  ☆34Jan 31, 2026Updated 4 months ago
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated last year
• ZetaTwo / potluckctf

  View on GitHub
  Infrastructure for the Potluck CTF
  ☆25Mar 11, 2024Updated 2 years ago
• KTH-LangSec / silent-spring

  View on GitHub
  Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js
  ☆75Jan 21, 2024Updated 2 years ago
• masatokinugawa / css-exfiltration-svg-font

  View on GitHub
  ☆18Nov 28, 2021Updated 4 years ago
• wrmelicher / ChromiumTaintTracking

  View on GitHub
  ☆18Dec 2, 2018Updated 7 years ago
• reewardius / nuclei-fast-templates

  View on GitHub
  ☆20Apr 27, 2026Updated last month
• End-to-end encrypted email - Proton Mail • Ad
  Special offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
• sigpwny / UIUCTF-2024-Public

  View on GitHub
  Monorepo for challenges, infra, and theming for UIUCTF 2024 (https://2024.uiuc.tf/)
  ☆17Jul 14, 2024Updated last year
• terjanq / Easter-xss-challenge

  View on GitHub
  Inti easter challenge poc
  ☆17May 4, 2021Updated 5 years ago
• ambionics / lightyear

  View on GitHub
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆113Jun 23, 2025Updated 11 months ago
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆234Feb 6, 2025Updated last year
• jailctf / pyjailbreaker

  View on GitHub
  Python sandbox escape wiki + payload generator
  ☆146Sep 18, 2024Updated last year
• botesjuan / API-Web-Security

  View on GitHub
  API Security University & PortSwigger Academy Study Notes
  ☆25Nov 13, 2025Updated 7 months ago
• ElSicarius / Supp-truder

  View on GitHub
  Supertruder but better
  ☆31Mar 10, 2023Updated 3 years ago
• erickfernandox / nuclei-templates

  View on GitHub
  ☆15May 8, 2025Updated last year
• renniepak / CSPBypass

  View on GitHub
  CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scr…
  ☆669May 29, 2026Updated 3 weeks ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• jailctf / challenges-2024

  View on GitHub
  challenges 2024 woohoo
  ☆22Sep 19, 2024Updated last year
• WangYihang / Subdomain-Crawler

  View on GitHub
  A program for collecting subdomains of a list of given second-level domains (SLD)
  ☆15Feb 10, 2026Updated 4 months ago
• charisma334 / how-to-pwn-xyz

  View on GitHub
  Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles
  ☆17Sep 20, 2024Updated last year
• fast-sp-2023 / fast

  View on GitHub
  ☆31May 1, 2025Updated last year
• dk4trin / templates-nuclei

  View on GitHub
  ☆21May 25, 2025Updated last year
• felipecaon / wpsechelper

  View on GitHub
  Seecurity helper tool to detect entry points of WordPress plugins
  ☆10May 16, 2024Updated 2 years ago
• BrunoHalltari / CTF-Writeups

  View on GitHub
  Here i will post my writeups :)
  ☆33Dec 9, 2022Updated 3 years ago
• TechieNeurons / CVE-2024-3116_RCE_in_pgadmin_8.4

  View on GitHub
  Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4
  ☆12Apr 11, 2024Updated 2 years ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• ixSly / sCSSLeak

  View on GitHub
  CSS injection requires an attacker to load a standalone CSS file to leak HTML tag attributes.
  ☆21Apr 19, 2024Updated 2 years ago
• BlackFan / client-side-prototype-pollution

  View on GitHub
  Prototype Pollution and useful Script Gadgets
  ☆1,634Jan 27, 2024Updated 2 years ago
• Static-Flow / BOR

  View on GitHub
  BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor wit…
  ☆13Nov 18, 2022Updated 3 years ago
• SoheilKhodayari / DOMClobbering

  View on GitHub
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆62Dec 18, 2025Updated 6 months ago
• aristosMiliaressis / js-analysis-tools

  View on GitHub
  A collection of js analysis tools & scripts.
  ☆19May 4, 2026Updated last month
• Rhynorater / rebindMultiA

  View on GitHub
  ☆64Mar 1, 2023Updated 3 years ago
• GDGAlgiers / Devfest22Challenges

  View on GitHub
  This Repository contains the challenges of Devfest 2022 Algiers
  ☆16Dec 22, 2022Updated 3 years ago