Alternatives and similar repositories for same-origin-xss

Users that are interested in same-origin-xss are comparing it to the libraries listed below

• Philesiv / XSLeaker
  Searcher for cross-site leaks (XS-Leaks)
  ☆82Updated 3 years ago
• BlackFan / cspp-tools
  Client-Side Prototype Pollution Tools
  ☆85Updated 4 years ago
• detectify / Varnish-H2-Request-Smuggling
  ☆56Updated 4 years ago
• AsaiKen / dom-based-xss-finder
  Chrome extension that finds DOM based XSS vulnerabilities
  ☆75Updated 7 months ago
• HLOverflow / XXE-study
  This repository contains various XXE labs set up for different languages and their different parsers. This may alternatively serve as a p…
  ☆112Updated last year
• bytehope / wwe
  ☆25Updated 10 months ago
• Sudistark / CTF-Writeups
  This repo contains solution for ctf challenges
  ☆38Updated last year
• neex / ghostinthepdf
  ☆170Updated 4 years ago
• peterjson31337 / tetctf2021
  tetctf2020_amf_writeups
  ☆23Updated 5 years ago
• PortSwigger / url-cheatsheet-data
  This is the data that powers the PortSwigger URL validation bypass cheat sheet.
  ☆59Updated 3 months ago
• usdAG / slipit
  Utility for creating ZipSlip archives
  ☆80Updated 2 years ago
• ambionics / lightyear
  lightyear is a tool to dump files in tedious (blind) conditions using PHP filters
  ☆109Updated 6 months ago
• SoheilKhodayari / TheThing
  TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
  ☆55Updated 2 years ago
• 0xAwali / Blind-SSRF
  Nuclei Templates to reproduce Cracking the lens's Research
  ☆130Updated 4 years ago
• ambionics / scalpel
  Scalpel is a Burp extension for intercepting and rewriting HTTP traffic, either on the fly or in the Repeater using Python 3 scripts.
  ☆66Updated last year
• Static-Flow / BurpSuiteAutoCompletion
  This exention enables autocompletion within BurpSuite Repeater/Intruder tabs.
  ☆164Updated 4 years ago
• SecuraBV / jws2pubkey
  jws2pubkey tool
  ☆41Updated 6 months ago
• synfron / ReshaperForBurp
  Burp Suite Extension - Trigger actions and reshape HTTP request/response and WebSocket traffic using configurable rules
  ☆105Updated 2 months ago
• GoSecure / xxe-workshop
  Workshop given at Hack in Paris 2019
  ☆126Updated 2 years ago
• shhnjk / cursed_types
  List of Trusted Types bypasses
  ☆102Updated last year
• msrkp / MXSS
  Awesome MXSS ??
  ☆56Updated last year
• RandomRobbieBF / grafana-ssrf
  Authenticated SSRF in Grafana
  ☆83Updated last year
• pimps / gopher-tomcat-deployer
  Gopher Tomcat Deployer
  ☆48Updated 7 years ago
• Kirill89 / prototype-pollution-exploits
  Prototype Pollution exploits collection
  ☆37Updated 4 years ago
• wdahlenburg / pyhprof
  Parse HPROF files from the Spring Boot Heapdump Actuator
  ☆29Updated last year
• MrTuxracer / advisories
  Security Advisories
  ☆35Updated 2 months ago
• riramar / h2rs
  Detects request smuggling via HTTP/2 downgrades.
  ☆94Updated 3 years ago
• JeppW / smugchunks
  A black-box scanner for HTTP request smuggling vulnerabilities caused by chunk parsing discrepancies.
  ☆27Updated 2 months ago
• PortSwigger / portable-data-exfiltration
  This repo contains all the injections mentioned in my talk and enumerators.
  ☆134Updated 2 years ago
• pentagridsec / PentagridScanController
  Improve automated and semi-automated active scanning in Burp Pro
  ☆63Updated 7 months ago