jackfromeast / dom-clobbering-collectionView external linksLinks
A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.
☆48Aug 31, 2025Updated 5 months ago
Alternatives and similar repositories for dom-clobbering-collection
Users that are interested in dom-clobbering-collection are comparing it to the libraries listed below
Sorting:
- ☆16Jul 31, 2021Updated 4 years ago
- phpfuck: using only 5 different characters to write and execute php // (^.9)☆20Nov 26, 2021Updated 4 years ago
- Infrastructure for the Potluck CTF☆25Mar 11, 2024Updated last year
- ☆31Jan 31, 2026Updated 2 weeks ago
- ☆12Jan 10, 2024Updated 2 years ago
- This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…☆130Feb 4, 2026Updated last week
- ☆17Nov 28, 2021Updated 4 years ago
- 一个burpsuite插件,用于被动检测可能存在的XSS漏洞的请求。后续将完善对于可以请求的xss探针、xss攻击以及DOM型xss检测。☆16Dec 26, 2018Updated 7 years ago
- Generate DOM clobbering attack vectors for you.☆35Jun 3, 2025Updated 8 months ago
- This repository is an interactive collection of my solutions to various XSS challenges.☆13Oct 25, 2020Updated 5 years ago
- Python sandbox escape wiki + payload generator☆139Sep 18, 2024Updated last year
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆75Jan 21, 2024Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- challenges 2024 woohoo☆22Sep 19, 2024Updated last year
- Inti easter challenge poc☆18May 4, 2021Updated 4 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆57Oct 25, 2023Updated 2 years ago
- DOM Clobbering Wiki, Browser Testing, and Payload Generation☆61Dec 18, 2025Updated last month
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆222Feb 6, 2025Updated last year
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆110Jun 23, 2025Updated 7 months ago
- CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scr…☆561Feb 7, 2026Updated last week
- a repository of all the CTF challenges I've made for public events☆58Jul 30, 2025Updated 6 months ago
- ☆48Aug 2, 2025Updated 6 months ago
- ☆68Nov 5, 2021Updated 4 years ago
- ☆26Jun 19, 2022Updated 3 years ago
- ☆32Jan 24, 2025Updated last year
- ☆31May 1, 2025Updated 9 months ago
- Burp Suite参数收集插件(Python)☆27Dec 10, 2021Updated 4 years ago
- CTF challenges I created 🚩☆76Dec 26, 2025Updated last month
- HTTP/2 Last Frame Synchronization (also known as Single Packet Attack) low Level Library / Tool based on Scapy + Exploit Timing Attacks☆213Jan 30, 2026Updated 2 weeks ago
- Disclosures of third party vulnerabilities found by Meta☆32Mar 21, 2023Updated 2 years ago
- Powerful grid system with CSS grid layout. Works in all modern browsers and IE11.☆19May 7, 2021Updated 4 years ago
- ☆10Mar 8, 2024Updated last year
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆96Dec 22, 2024Updated last year
- Research paper repository for "A Hand Structure-Based Mobile Authentication Solution to the Security-Reliability Trade-off" Paper from NJ…☆13Jul 30, 2023Updated 2 years ago
- Prototype Pollution and useful Script Gadgets☆1,581Jan 27, 2024Updated 2 years ago
- Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security☆173Oct 27, 2025Updated 3 months ago
- 存放投稿里的一些文件☆11Oct 31, 2020Updated 5 years ago
- Hydroponikanlage mit ESP32-Steuerung☆10Apr 6, 2021Updated 4 years ago