malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

updated at Oct. 5, 2024, 12:50 p.m.

JavaScript

46 +0

460 +0

100 +0

GitHub
dref by mwrlabs

DNS Rebinding Exploitation Framework

updated at Oct. 5, 2024, 12:55 p.m.

JavaScript

25 +0

481 +0

71 +0

GitHub
BadLibrary by SecureSkyTechnology

vulnerable web application for training

updated at Oct. 5, 2024, 1:08 p.m.

JavaScript

19 +0

58 +0

7 +0

GitHub
repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets. mag

updated at Oct. 26, 2024, 2:18 a.m.

JavaScript

33 +0

637 +0

88 +0

GitHub
dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

updated at Nov. 1, 2024, 6:29 p.m.

JavaScript

24 +0

485 +0

93 +0

GitHub
xssor2 by evilcos

XSS'OR - Hack with JavaScript.

updated at Nov. 7, 2024, 8:58 a.m.

JavaScript

94 +0

2,129 +0

381 +0

GitHub
whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

updated at Nov. 11, 2024, 1:27 a.m.

JavaScript

22 +0

627 +1

88 +0

GitHub
reverse-shell by lukechilds

Reverse Shell as a Service

updated at Nov. 13, 2024, 2:54 a.m.

JavaScript

31 +0

1,852 +0

234 +0

GitHub
singularity by nccgroup

A DNS rebinding attack framework.

updated at Nov. 14, 2024, 6:16 a.m.

JavaScript

33 +0

1,036 +3

138 +0

GitHub
AwesomeXSS by UltimateHackers

Awesome XSS stuff

updated at Nov. 14, 2024, 1:22 p.m.

JavaScript

239 +0

4,786 +6

767 +1

GitHub
H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

updated at Nov. 14, 2024, 1:46 p.m.

JavaScript

153 +0

2,857 +3

420 +0

GitHub
beef by beefproject

The Browser Exploitation Framework Project

updated at Nov. 16, 2024, 11:59 a.m.

JavaScript

444 -1

9,856 +18

2,180 +1

GitHub
DOMPurify by cure53

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

updated at Nov. 16, 2024, 11:22 p.m.

JavaScript

151 -1

14,021 +40

726 +3

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at Nov. 17, 2024, 2:45 a.m.

JavaScript

14 +0

518 +5

64 +0

GitHub
retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

updated at Nov. 17, 2024, 3:04 a.m.

JavaScript

83 -1

3,692 +6

417 +0

GitHub
CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

updated at Nov. 17, 2024, 8:48 a.m.

JavaScript

390 +0

29,267 +96

3,280 +13

GitHub
Most stars Fewest stars Most forks Fewest forks Most watchers Fewest watchers Recently created Least recently created Recently updated Least recently updated Most repositories Fewest repositories
All languages 104 Python 40 JavaScript 16 Unknown languages 15 Go 7 C 4 HTML 4 C++ 3 PHP 3 CSS 2 Perl 2 Ruby 2 C# 1 Dockerfile 1 Java 1 Kotlin 1 Shell 1 TypeScript 1