jackfromeast/dom-clobbering-collection external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jackfromeast/dom-clobbering-collection

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jackfromeast/dom-clobbering-collection)

Close

jackfromeast / dom-clobbering-collectionView on GitHubMore

• External links
• Readme badge

A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.

☆49Aug 31, 2025Updated 7 months ago

Alternatives and similar repositories for dom-clobbering-collection

Users that are interested in dom-clobbering-collection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• jackfromeast / TheHulk

  View on GitHub
  TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.
  ☆92Aug 25, 2025Updated 7 months ago
• msrkp / MXSS

  View on GitHub
  Awesome MXSS ??
  ☆56Sep 30, 2024Updated last year
• arxenix / phpfuck

  View on GitHub
  phpfuck: using only 5 different characters to write and execute php // (^.9)
  ☆20Nov 26, 2021Updated 4 years ago
• TheGrandPew / Sanity

  View on GitHub
  ☆17Jul 31, 2021Updated 4 years ago
• SECCON / SECCON2023_final_CTF

  View on GitHub
  ☆12Jan 10, 2024Updated 2 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• kevin-mizu / GMSGadget

  View on GitHub
  This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) an…
  ☆137Feb 4, 2026Updated 2 months ago
• Slonser / hui

  View on GitHub
  HTML Universal Identifier
  ☆67Dec 15, 2024Updated last year
• terjanq / XSS-Challenge-Solutions

  View on GitHub
  This repository is an interactive collection of my solutions to various XSS challenges.
  ☆13Oct 25, 2020Updated 5 years ago
• kevin-mizu / bot-ctf-template

  View on GitHub
  ☆31Jan 31, 2026Updated 2 months ago
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated 10 months ago
• ZetaTwo / potluckctf

  View on GitHub
  Infrastructure for the Potluck CTF
  ☆25Mar 11, 2024Updated 2 years ago
• wrmelicher / ChromiumTaintTracking

  View on GitHub
  ☆18Dec 2, 2018Updated 7 years ago
• reewardius / nuclei-fast-templates

  View on GitHub
  ☆18Jan 23, 2026Updated 2 months ago
• terjanq / Easter-xss-challenge

  View on GitHub
  Inti easter challenge poc
  ☆16May 4, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• developer-guy / falco-the-kubernetes-response-engine-using-openfaas-functions

  View on GitHub
  Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions
  ☆26Mar 24, 2021Updated 5 years ago
• ambionics / lightyear

  View on GitHub
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆112Jun 23, 2025Updated 9 months ago
• KTH-LangSec / server-side-prototype-pollution

  View on GitHub
  A collection of Server-Side Prototype Pollution gadgets and exploits
  ☆230Feb 6, 2025Updated last year
• aszx87410 / cdnjs-prototype-pollution

  View on GitHub
  Find all libraries on cdn.js that pollute your prototype
  ☆19Sep 1, 2022Updated 3 years ago
• jailctf / pyjailbreaker

  View on GitHub
  Python sandbox escape wiki + payload generator
  ☆143Sep 18, 2024Updated last year
• renniepak / CSPBypass

  View on GitHub
  CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scr…
  ☆643Apr 12, 2026Updated last week
• ElSicarius / Supp-truder

  View on GitHub
  Supertruder but better
  ☆31Mar 10, 2023Updated 3 years ago
• erickfernandox / nuclei-templates

  View on GitHub
  ☆15May 8, 2025Updated 11 months ago
• nodyhub / zipslipper

  View on GitHub
  Create tar/zip archives that try to exploit zipslip vulnerability.
  ☆48Sep 20, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• jailctf / challenges-2024

  View on GitHub
  challenges 2024 woohoo
  ☆22Sep 19, 2024Updated last year
• WangYihang / Subdomain-Crawler

  View on GitHub
  A program for collecting subdomains of a list of given second-level domains (SLD)
  ☆15Feb 10, 2026Updated 2 months ago
• masatokinugawa / ShadowBreakers

  View on GitHub
  ☆51Aug 2, 2025Updated 8 months ago
• strellic / my-ctf-challenges

  View on GitHub
  a repository of all the CTF challenges I've made for public events
  ☆63Jul 30, 2025Updated 8 months ago
• charisma334 / how-to-pwn-xyz

  View on GitHub
  Repo containing walkthroughs to possibly pwn Admin Panels and Exposed Consoles
  ☆17Sep 20, 2024Updated last year
• dk4trin / templates-nuclei

  View on GitHub
  ☆20May 25, 2025Updated 10 months ago
• fast-sp-2023 / fast

  View on GitHub
  ☆31May 1, 2025Updated 11 months ago
• felipecaon / wpsechelper

  View on GitHub
  Seecurity helper tool to detect entry points of WordPress plugins
  ☆10May 16, 2024Updated last year
• BrunoHalltari / CTF-Writeups

  View on GitHub
  Here i will post my writeups :)
  ☆33Dec 9, 2022Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• TechieNeurons / CVE-2024-3116_RCE_in_pgadmin_8.4

  View on GitHub
  Making a lab and testing the CVE-2024-3116, a Remote Code Execution in pgadmin <=8.4
  ☆12Apr 11, 2024Updated 2 years ago
• m0kr4n3 / client-side-workshop-Bsides-2021

  View on GitHub
  The content of the workshop Client-side web security for Bsides 2021 event, held by @m0kr4n3 and @ouxs-19 at ESI algiers.
  ☆13Jan 8, 2022Updated 4 years ago
• BlackFan / client-side-prototype-pollution

  View on GitHub
  Prototype Pollution and useful Script Gadgets
  ☆1,607Jan 27, 2024Updated 2 years ago
• bjrjk / js-vuln-studies

  View on GitHub
  A collection of in-depth studies authored by me on JavaScript engine vulnerabilities.
  ☆49Feb 6, 2026Updated 2 months ago
• ixSly / sCSSLeak

  View on GitHub
  CSS injection requires an attacker to load a standalone CSS file to leak HTML tag attributes.
  ☆21Apr 19, 2024Updated 2 years ago
• synack / owasp-mstg

  View on GitHub
  The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.
  ☆11Apr 6, 2020Updated 6 years ago
• Static-Flow / BOR

  View on GitHub
  BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor wit…
  ☆13Nov 18, 2022Updated 3 years ago