Alternatives and similar repositories for domstorm

Users that are interested in domstorm are comparing it to the libraries listed below

• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 9 years ago
• skepticfx / damnvulnerable.me
  A deliberately vulnerable modern day app with lots of DOM related bugs
  ☆35Updated 6 years ago
• ajinabraham / Static-DOM-XSS-Scanner
  Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the …
  ☆119Updated 10 years ago
• gabemarshall / casperXSS
  Reflective/DOM XSS scanner built on casperJS
  ☆81Updated 11 years ago
• neraliu / tainted-phantomjs
  Tainted PhantomJS
  ☆52Updated 10 years ago
• cure53 / jPurify
  jPurify
  ☆64Updated 8 years ago
• wkcaj / safecurl
  SSRF Protection Library for PHP - http://safecurl.fin1te.net
  ☆73Updated 2 years ago
• sethsec / Nodejs-SSRF-App
  Nodejs application intentionally vulnerable to SSRF
  ☆42Updated 2 years ago
• immunio / immunio-xss-fuzzer
  Immunio's XSS Fuzzer tool
  ☆25Updated 10 years ago
• avicoder / Hackerone
  Hackerone disclosed report URL Aggregator
  ☆30Updated 7 years ago
• silentsignal / duncan
  Duncan - Blind SQL injector skeleton
  ☆59Updated 3 years ago
• fakhrizulkifli / Defeating-PHP-GD-imagecreatefromgif
  Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromgif()
  ☆121Updated 10 years ago
• PaulSec / CSRFT
  A lightweight CSRF Toolkit for easy Proof of concept
  ☆172Updated 11 years ago
• ikkisoft / bradamsa
  Burp Suite extension to generate Intruder payloads using Radamsa
  ☆89Updated 8 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 7 years ago
• GoSecure / csp-auditor
  Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website
  ☆139Updated 5 years ago
• wisec / DOMinator
  ☆81Updated 13 years ago
• evilpacket / xss.io
  ☆73Updated 12 years ago
• Nhoya / PastebinMarkdownXSS
  XSS in pastebin.com and reddit.com via unsanitized markdown output
  ☆88Updated 7 years ago
• stamparm / DSFS
  Damn Small FI Scanner
  ☆62Updated 6 years ago
• rafaybaloch / SOP-Bypass-Mini-Test-Suite
  This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…
  ☆30Updated 6 years ago
• cure53 / mustache-security
  Automatically exported from code.google.com/p/mustache-security
  ☆23Updated 10 years ago
• incredibleindishell / sqlite-lab
  This code is vulnerable to SQL Injection and having SQLite database. For SQLite database, SQL Injection payloads are different so it is f…
  ☆159Updated 4 years ago
• thomaspatzke / WASE
  The Web Audit Search Engine - Index and Search HTTP Requests and Responses in Web Application Audits with ElasticSearch
  ☆113Updated 5 years ago
• dxa4481 / CORS
  JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.
  ☆34Updated 8 years ago
• gursev / flash-xdomain-xploit
  ActionScript Proof of Concept to perform cross-domain reads
  ☆43Updated 12 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆42Updated 8 years ago
• Bo0oM / CVE-2017-5124
  Chrome < 62 uxss exploit (CVE-2017-5124)
  ☆160Updated 8 years ago
• Techlord-RCE / dns-rebind-toolkit
  A front-end JavaScript toolkit for creating DNS rebinding attacks.
  ☆45Updated 7 years ago
• mandatoryprogrammer / FlashHTTPRequest
  A very simple bridge for performing Flash HTTP requests with JavaScript
  ☆81Updated 10 years ago