shhnjk / cursed_typesView external linksLinks
List of Trusted Types bypasses
☆102Apr 15, 2024Updated last year
Alternatives and similar repositories for cursed_types
Users that are interested in cursed_types are comparing it to the libraries listed below
Sorting:
- ☆10Nov 23, 2021Updated 4 years ago
- Chrome extension to detect possible xsleaks☆12May 4, 2019Updated 6 years ago
- Client Side Prototype Pollution Scanner☆524Sep 17, 2022Updated 3 years ago
- Content-Type Research☆657Jun 29, 2025Updated 7 months ago
- Electron Research☆73Feb 9, 2022Updated 4 years ago
- Generate DOM clobbering attack vectors for you.☆35Jun 3, 2025Updated 8 months ago
- ☆695Jul 4, 2022Updated 3 years ago
- Same Origin XSS challenge☆64Apr 7, 2022Updated 3 years ago
- ☆13Feb 18, 2022Updated 3 years ago
- Writeups for HITCON CTF 2020☆10Nov 29, 2020Updated 5 years ago
- Some research on UXSS vulnerabilities in web browsers☆12May 14, 2018Updated 7 years ago
- Prototype Pollution and useful Script Gadgets☆1,581Jan 27, 2024Updated 2 years ago
- Place for random PoCs☆18May 21, 2020Updated 5 years ago
- Pickle decompiler plugin for Radare2☆18Aug 6, 2023Updated 2 years ago
- Burp Suite plugin to copy regex matches from selected requests and/or responses to the clipboard.☆35Feb 12, 2022Updated 4 years ago
- Find all libraries on cdn.js that pollute your prototype☆19Sep 1, 2022Updated 3 years ago
- HTTP request smuggling attack helper/CLI tools to manipulate HTTP packets☆35Sep 23, 2022Updated 3 years ago
- WinDbg script to spoof origin and url of a renderer process in Chrome☆25Dec 2, 2020Updated 5 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- ☆73Nov 22, 2021Updated 4 years ago
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerability☆946Dec 31, 2021Updated 4 years ago
- ☆17Nov 28, 2021Updated 4 years ago
- Find XS-Leaks in the browser by diffing DOM-Graphs in two states☆18Jan 20, 2025Updated last year
- 010Editor Templates☆13May 29, 2024Updated last year
- A powerful Burp extension to make bounty rain☆14Feb 1, 2022Updated 4 years ago
- ☆113Jun 19, 2022Updated 3 years ago
- Burp extension to create target specific and tailored wordlist from burp history.☆255Dec 8, 2021Updated 4 years ago
- lightyear is a tool to dump files in tedious (blind) conditions using PHP filters☆110Jun 23, 2025Updated 7 months ago
- ☆709Nov 27, 2024Updated last year
- gup aka Get All Urls parameters to create wordlists for brute forcing parameters.☆18Dec 4, 2021Updated 4 years ago
- Burp Bounty profiles☆81Jan 2, 2022Updated 4 years ago
- Obtain GraphQL API schema despite disabled introspection!☆71May 27, 2021Updated 4 years ago
- A compilation of network scanning strategies to find vulnerable devices☆73Nov 6, 2022Updated 3 years ago
- XS-Leaks Wiki☆175May 29, 2025Updated 8 months ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆390Aug 15, 2024Updated last year
- A malicious LDAP server for JNDI injection attacks☆76Nov 15, 2024Updated last year
- Burp Suite Extension useful to verify OAUTHv2 and OpenID security☆175Oct 26, 2024Updated last year
- RCE in NPM VSCode Extension☆20Apr 11, 2021Updated 4 years ago
- A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.☆519Jun 22, 2022Updated 3 years ago