skepticfx / domstorm
A dashboard for interesting DOM tricks/techniques.
☆36Updated 4 years ago
Alternatives and similar repositories for domstorm:
Users that are interested in domstorm are comparing it to the libraries listed below
- A deliberately vulnerable modern day app with lots of DOM related bugs☆36Updated 5 years ago
- An example of obtaining RCE via Redis and CSRF☆76Updated 8 years ago
- This is a tiny Chrome Extension that protects your from Clipboard XSS Attacks☆19Updated 9 years ago
- Reflective/DOM XSS scanner built on casperJS☆81Updated 10 years ago
- Immunio's XSS Fuzzer tool☆25Updated 9 years ago
- Hackerone disclosed report URL Aggregator☆29Updated 6 years ago
- Tainted PhantomJS☆53Updated 9 years ago
- Static DOM XSS Scanner is a Static Analysis tool written in python that will iterate through all the JavaScript and HTML files under the …☆119Updated 10 years ago
- This test suite contains over 40 different test cases that have proven to work with different mobile browsers in my research or testing S…☆30Updated 5 years ago
- Demo server for testing Java deserialization payloads☆15Updated 8 years ago
- SSRF Protection Library for PHP - http://safecurl.fin1te.net☆73Updated last year
- A front-end JavaScript toolkit for creating DNS rebinding attacks.☆45Updated 6 years ago
- Python Implementation of a .NET Padding Oracle Assessment Tool☆30Updated 9 years ago
- Webkit uxss exploit (CVE-2017-7089)☆64Updated 7 years ago
- Burp Suite JS Beautifier☆99Updated 10 years ago
- Penetration Testing Tools Developed by AppSec Consulting.☆48Updated 6 years ago
- ☆32Updated 9 years ago
- Proof-of-concept to exploit the flaw in the PHP-GD built-in function, imagecreatefromgif()☆121Updated 9 years ago
- Allows you to trace where inputs are reflected back to the user.☆37Updated 7 years ago
- ☆74Updated 11 years ago
- A BurpSuite plugin to detect Same Origin Method Execution vulnerabilities☆60Updated 7 years ago
- A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.☆42Updated 7 years ago
- ☆70Updated 7 years ago
- A tiny chrome extension to record and replay your web application proof-of-concepts.☆20Updated 8 years ago
- Growing list of potentially dangerous PHP functions☆52Updated 5 years ago
- XXE OOB Exploitation Toolset for Automation☆63Updated 11 years ago
- This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …☆44Updated 8 years ago
- Popcorn - the JSON fuzzer☆22Updated 10 years ago
- Static analysis tool for javascript code based. Scanjs uses Esprima to convert sources to AST, then walks AST looking for patterns.☆54Updated 10 years ago
- Exploit insecure crossdomain.xml files.☆26Updated 7 years ago