shhnjk/cursed_types external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

shhnjk/cursed_types

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/shhnjk/cursed_types)

Close

shhnjk / cursed_typesView on GitHubMore

• External links
• Readme badge

List of Trusted Types bypasses

☆102Apr 15, 2024Updated last year

Alternatives and similar repositories for cursed_types

Users that are interested in cursed_types are comparing it to the libraries listed below

• theoremoon / ctf-ratings

  View on GitHub
  ☆10Nov 23, 2021Updated 4 years ago
• po6ix / jsfuxx

  View on GitHub
  ☆22Feb 12, 2022Updated 4 years ago
• 1lastBr3ath / XSleaks

  View on GitHub
  Chrome extension to detect possible xsleaks
  ☆12May 4, 2019Updated 6 years ago
• msrkp / PPScan

  View on GitHub
  Client Side Prototype Pollution Scanner
  ☆522Sep 17, 2022Updated 3 years ago
• BlackFan / content-type-research

  View on GitHub
  Content-Type Research
  ☆656Jun 29, 2025Updated 8 months ago
• msrkp / electron-research

  View on GitHub
  Electron Research
  ☆73Feb 9, 2022Updated 4 years ago
• splitline / DOM-Clobber3r

  View on GitHub
  Generate DOM clobbering attack vectors for you.
  ☆35Jun 3, 2025Updated 9 months ago
• filedescriptor / untrusted-types

  View on GitHub
  ☆695Jul 4, 2022Updated 3 years ago
• terjanq / same-origin-xss

  View on GitHub
  Same Origin XSS challenge
  ☆64Apr 7, 2022Updated 3 years ago
• FrenchRoomba / ctf-writeup-HITCON-CTF-2020

  View on GitHub
  Writeups for HITCON CTF 2020
  ☆10Nov 29, 2020Updated 5 years ago
• AntoineRondelet / uxss-vulnerabilities-research

  View on GitHub
  Some research on UXSS vulnerabilities in web browsers
  ☆12May 14, 2018Updated 7 years ago
• Roni-Carta / onhandlers

  View on GitHub
  ☆12Feb 18, 2022Updated 4 years ago
• BlackFan / client-side-prototype-pollution

  View on GitHub
  Prototype Pollution and useful Script Gadgets
  ☆1,589Jan 27, 2024Updated 2 years ago
• GrrrDog / Sploits

  View on GitHub
  Place for random PoCs
  ☆18May 21, 2020Updated 5 years ago
• doyensec / r2pickledec

  View on GitHub
  Pickle decompiler plugin for Radare2
  ☆18Aug 6, 2023Updated 2 years ago
• honoki / burp-copy-regex-matches

  View on GitHub
  Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.
  ☆34Feb 12, 2022Updated 4 years ago
• aszx87410 / cdnjs-prototype-pollution

  View on GitHub
  Find all libraries on cdn.js that pollute your prototype
  ☆19Sep 1, 2022Updated 3 years ago
• ariary / HTTPCustomHouse

  View on GitHub
  HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets
  ☆35Sep 23, 2022Updated 3 years ago
• shhnjk / spoof.js

  View on GitHub
  WinDbg script to spoof origin and url of a renderer process in Chrome
  ☆25Dec 2, 2020Updated 5 years ago
• riramar / h2rs

  View on GitHub
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Jul 30, 2022Updated 3 years ago
• Cache-Money / chronorace

  View on GitHub
  ☆73Nov 22, 2021Updated 4 years ago
• assetnote / blind-ssrf-chains

  View on GitHub
  An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability
  ☆953Dec 31, 2021Updated 4 years ago
• masatokinugawa / css-exfiltration-svg-font

  View on GitHub
  ☆17Nov 28, 2021Updated 4 years ago
• hakluke / ----svg-onload-alert---

  View on GitHub
  jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…
  ☆11Apr 9, 2021Updated 4 years ago
• RUB-NDS / AutoLeak

  View on GitHub
  Find XS-Leaks in the browser by diffing DOM-Graphs in two states
  ☆18Jan 20, 2025Updated last year
• Ovi3 / 010Editor-Template

  View on GitHub
  010Editor Templates
  ☆13May 29, 2024Updated last year
• plenumlab / Imposteserum-extension

  View on GitHub
  A powerful Burp extension to make bounty rain
  ☆14Feb 1, 2022Updated 4 years ago
• Super-Guesser / ctf

  View on GitHub
  ☆113Jun 19, 2022Updated 3 years ago
• 0xDexter0us / Scavenger

  View on GitHub
  Burp extension to create target specific and tailored wordlist from burp history.
  ☆256Dec 8, 2021Updated 4 years ago
• jmdx / TLS-poison

  View on GitHub
  ☆705Nov 27, 2024Updated last year
• byt3hx / gup

  View on GitHub
  gup aka Get All Urls parameters to create wordlists for brute forcing parameters.
  ☆18Dec 4, 2021Updated 4 years ago
• ambionics / lightyear

  View on GitHub
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆112Jun 23, 2025Updated 8 months ago
• Sy3Omda / burp-bounty

  View on GitHub
  Burp Bounty profiles
  ☆80Jan 2, 2022Updated 4 years ago
• y0k4i-1337 / clairvoyancex

  View on GitHub
  Obtain GraphQL API schema despite disabled introspection!
  ☆69May 27, 2021Updated 4 years ago
• adulau / active-scanning-techniques

  View on GitHub
  A compilation of network scanning strategies to find vulnerable devices
  ☆73Nov 6, 2022Updated 3 years ago
• xsleaks / wiki

  View on GitHub
  XS-Leaks Wiki
  ☆178May 29, 2025Updated 9 months ago
• 0ang3el / websocket-smuggle

  View on GitHub
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆391Aug 15, 2024Updated last year
• artsploit / rogue-jndi

  View on GitHub
  A malicious LDAP server for JNDI injection attacks
  ☆76Nov 15, 2024Updated last year
• akabe1 / OAUTHScan

  View on GitHub
  Burp Suite Extension useful to verify OAUTHv2 and OpenID security
  ☆176Oct 26, 2024Updated last year