leaky-forms / leaky-forms-crawler

Related projects ⓘ

Alternatives and complementary repositories for leaky-forms-crawler

• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆40Updated last year
• Phasip / resolvers
  List of periodically validated public DNS resolvers
  ☆23Updated this week
• RUB-NDS / xsinator.com
  XS-Leak Browser Test Suite
  ☆73Updated 11 months ago
• google / bughunters
  ☆27Updated 3 weeks ago
• TheGrandPew / Sanity
  ☆15Updated 3 years ago
• RUB-NDS / AutoLeak
  Find XS-Leaks in the browser by diffing DOM-Graphs in two states
  ☆14Updated 11 months ago
• Aurore54F / DoubleX
  Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale
  ☆67Updated 2 years ago
• cispa / xs-observations
  Code for our 2023 IEEE S&P Paper "The Leaky Web: Automated Discovery of Cross-Site Information Leaks in Browsers and the Web"
  ☆12Updated last month
• AlecBlance / S3BucketList
  Chrome extension that lists Amazon S3 Buckets while browsing
  ☆78Updated 3 weeks ago
• SoheilKhodayari / JAW
  JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
  ☆100Updated last week
• federicodotta / semgrep-rules
  A collection of my Semgrep rules
  ☆47Updated last year
• DistriNet / evil-epubs
  Using EPUBs for the semi-automated evaluation of security and privacy implications of EPUB reading systems.
  ☆30Updated 2 years ago
• mattiasgrenfeldt / bachelors-thesis-http-request-smuggling
  ☆69Updated 3 years ago
• SoheilKhodayari / DOMClobbering
  DOM Clobbering Wiki, Browser Testing, and Payload Generation
  ☆43Updated last week
• ko2sec / apkizer
  apkizer is a mass downloader for android applications for all available versions.
  ☆46Updated 3 years ago
• hahwul / ws-smuggler
  WebSocket Connection Smuggler
  ☆44Updated 2 years ago
• amalmurali47 / swagroutes
  swagroutes is a command-line tool that extracts and lists API routes from Swagger files in YAML or JSON format.
  ☆54Updated last year
• PortSwigger / paramalyzer
  Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.
  ☆29Updated 2 years ago
• tarunkant / EndPoint-Finder
  Finds the End-Points in JavaScript files
  ☆88Updated 3 years ago
• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆81Updated last year
• johnsaigle / scary-strings
  Collection of wordlists containing dangerous function calls in many languages
  ☆22Updated 3 weeks ago
• binareio / FastCVE
  FastCVE - fast, rich and API-based search for CVE and more (CPE, CWE, CAPEC)
  ☆39Updated 3 months ago
• kosmosec / proto-find
  Let's check if your target is vulnerable for client side prototype pollution.
  ☆63Updated 10 months ago
• indianajson / cloudfish
  Subdomain enumeration using Cloudflare's scanning tool.
  ☆40Updated last year
• sickcodes / security
  Collection of CVEs from Sick Codes, or collaborations on https://sick.codes security research & advisories.
  ☆85Updated 2 years ago
• ameenmaali / endpointdiff
  Wrapper around LinkFinder to quickly determine whether endpoints have been added/removed to JavaScript files.
  ☆40Updated 4 years ago
• KarimPwnz / waybacked
  Get URLs from the Wayback Machine. Able to handle large outputs.
  ☆22Updated last year
• Kirill89 / prototype-pollution-explained
  Prototype Pollution in JavaScript
  ☆75Updated 2 years ago
• gwen001 / favicon-hashtrick
  Python script implementing the favicon hash trick to find subdomains.
  ☆26Updated last year