polyxss / bxssLinks
Companion repository of the "Dancer in the Dark" paper.
☆19Updated last year
Alternatives and similar repositories for bxss
Users that are interested in bxss are comparing it to the libraries listed below
Sorting:
- Silent Spring: Prototype Pollution Leads to Remote Code Execution in Node.js☆74Updated last year
- Same Origin XSS challenge☆64Updated 3 years ago
- TheThing: an open-source tool to detect DOM Clobbering vulnerabilities☆52Updated 2 years ago
- Grammar-based HTTP/1 fuzzer with mutation ability☆257Updated 11 months ago
- CodeQL zero to hero blog post series challenges☆147Updated 3 weeks ago
- Finding Java gadget chains with CodeQL☆183Updated 9 months ago
- A collection of client-side libraries with HTML injection vulnerabilities and DOM clobbering gadgets.☆36Updated last month
- AutoSpear☆67Updated last year
- jws2pubkey tool☆40Updated 4 months ago
- Grammar-based HTTP/2 fuzzer with mutation ability☆47Updated 3 years ago
- A proof-of-concept tool for detection and exploitation Object Injection Vulnerabilities in .NET applications☆63Updated 4 years ago
- Find all libraries on cdn.js that pollute your prototype☆19Updated 3 years ago
- ☆22Updated 2 years ago
- Testability Pattern Catalogs for SAST☆31Updated 8 months ago
- TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.☆66Updated 2 months ago
- Ready to use docker image for CodeQL☆90Updated last year
- tetctf2020_amf_writeups☆23Updated 4 years ago
- Fuzzing script for redirect URL validator☆53Updated 5 years ago
- This is the data that powers the PortSwigger URL validation bypass cheat sheet.☆54Updated 3 weeks ago
- Searcher for cross-site leaks (XS-Leaks)☆82Updated 2 years ago
- ☆25Updated 3 years ago
- Collect public CTF source code repo☆48Updated 4 years ago
- Simple taint analyzer for PHP/WordPress using VKCOM/php-parser☆18Updated 3 years ago
- a repository of all the CTF challenges I've made for public events☆57Updated 2 months ago
- My CTF write-ups!☆27Updated 2 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆105Updated 4 months ago
- CTF writeups from GatorSheavesMutably (https://ctftime.org/team/109518) and More Smoked Leet Chicken (https://ctftime.org/team/1005)☆24Updated 11 months ago
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆96Updated last year
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Updated 4 years ago
- GreHack 2021 CodeQL for Java workshop☆75Updated 3 years ago