A dashboard for interesting DOM tricks/techniques.
☆35Dec 9, 2020Updated 5 years ago
Alternatives and similar repositories for domstorm
Users that are interested in domstorm are comparing it to the libraries listed below
Sorting:
- A deliberately vulnerable modern day app with lots of DOM related bugs☆35May 19, 2019Updated 6 years ago
- Misc PoCs for various research topics☆21Sep 28, 2022Updated 3 years ago
- A POC for the Java agent of Elastic APM☆12Mar 1, 2018Updated 8 years ago
- Basic raw packet sniffer in Python - Cybrary☆12Nov 21, 2017Updated 8 years ago
- Reflective/DOM XSS scanner built on casperJS☆81Oct 21, 2014Updated 11 years ago
- Advanced virtual host bruteforcer☆31Nov 23, 2015Updated 10 years ago
- Another plugin for CRLF vulnerability detection☆25Jan 25, 2017Updated 9 years ago
- A Rust library for Common Expression Language (CEL), built on top of cel-cpp with zero-cost FFI bindings via cxx.☆31Dec 17, 2025Updated 2 months ago
- ActionScript Proof of Concept to perform cross-domain reads☆16Aug 26, 2013Updated 12 years ago
- Automated client-side template injection (sandbox escape/bypass) detection for AngularJS v1.x.☆324Oct 20, 2021Updated 4 years ago
- spring mvc cve-2014-3625☆32Mar 11, 2016Updated 9 years ago
- Test for leaking DNS queries (i.e. if you're on a VPN)☆21May 19, 2014Updated 11 years ago
- Tools for analysing the forward DNS data set published at https://scans.io/study/sonar.fdns_v2☆17Sep 17, 2017Updated 8 years ago
- Anonymous Credit Tokens implementation in Rust☆25Updated this week
- Agenda/Minutes of Anti-Fraud Community Group meetings.☆20Updated this week
- An example of high-QPS requesting Burp Intruder style on AWS Lambda via self-invocation.☆22Nov 15, 2018Updated 7 years ago
- ☆24Feb 25, 2026Updated last week
- 2 web tasks from ZeroNights HackQuest 2016☆50Mar 24, 2017Updated 8 years ago
- RCE Exploit PoC for Spring based RESTFul APIs using XStream as Unmarshaler☆20Dec 24, 2013Updated 12 years ago
- A collection of published exploits and proof-of-concept code.☆21Dec 19, 2017Updated 8 years ago
- A Burp Extension to test applications for vulnerability to the Web Cache Deception attack☆140Feb 18, 2021Updated 5 years ago
- An automation framework for running multiple open sourced subdomain bruteforcing tools (in parallel) using your own wordlists via Docker …☆260Aug 22, 2021Updated 4 years ago
- A native Rust library for Mozilla's Public Suffix List☆32Updated this week
- A proof of concept that demonstrates asynchronous scanning for Java deserialization bugs☆55Mar 27, 2017Updated 8 years ago
- A library to assist in security-testing Unicode enabled applications during fuzzing, XSS, SQLi, etc.☆42Jul 1, 2017Updated 8 years ago
- ☆27Dec 5, 2019Updated 6 years ago
- A Burp Plugin for Detecting Weaknesses in Content Security Policies☆166May 19, 2023Updated 2 years ago
- Python script to exploit java unserialize on t3 (Weblogic)☆61Aug 9, 2017Updated 8 years ago
- Web hacking assistance toolkit☆111Sep 19, 2017Updated 8 years ago
- Tools to gather subdomains from Bug Bounty programs☆65Mar 29, 2018Updated 7 years ago
- Burp Suite extension for JAX-RS☆65Mar 17, 2017Updated 8 years ago
- pentest floating repo (based off git submodules), and some useful scripts i wrote☆35Aug 24, 2022Updated 3 years ago
- Final assignment for the course Data Visualization with Python, part of IBM Data Science Professional Certification on Coursera☆11Jun 22, 2020Updated 5 years ago
- Zabbix Jsrpc.php Injection Exploit☆25Aug 29, 2016Updated 9 years ago
- botnet scanner written in python☆14Apr 4, 2018Updated 7 years ago
- Automated enumeration☆30Apr 14, 2021Updated 4 years ago
- ☆72Nov 20, 2017Updated 8 years ago
- ☆28Oct 16, 2017Updated 8 years ago
- JSON API's Are Automatically Protected Against CSRF, And Google Almost Took It Away.☆34Jul 9, 2017Updated 8 years ago