CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

updated at Nov. 17, 2024, 8:48 a.m.

JavaScript

390 +0

29,267 +96

3,280 +13

GitHub
retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

updated at Nov. 17, 2024, 3:04 a.m.

JavaScript

83 -1

3,692 +6

417 +0

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at Nov. 17, 2024, 2:45 a.m.

JavaScript

14 +0

518 +5

64 +0

GitHub
DOMPurify by cure53

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

updated at Nov. 16, 2024, 11:22 p.m.

JavaScript

151 -1

14,021 +40

726 +3

GitHub
beef by beefproject

The Browser Exploitation Framework Project

updated at Nov. 16, 2024, 11:59 a.m.

JavaScript

444 -1

9,856 +18

2,180 +1

GitHub
H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

updated at Nov. 14, 2024, 1:46 p.m.

JavaScript

153 +0

2,857 +3

420 +0

GitHub
AwesomeXSS by UltimateHackers

Awesome XSS stuff

updated at Nov. 14, 2024, 1:22 p.m.

JavaScript

239 +0

4,786 +6

767 +1

GitHub
singularity by nccgroup

A DNS rebinding attack framework.

updated at Nov. 14, 2024, 6:16 a.m.

JavaScript

33 +0

1,036 +3

138 +0

GitHub
reverse-shell by lukechilds

Reverse Shell as a Service

updated at Nov. 13, 2024, 2:54 a.m.

JavaScript

31 +0

1,852 +0

234 +0

GitHub
whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

updated at Nov. 11, 2024, 1:27 a.m.

JavaScript

22 +0

627 +1

88 +0

GitHub
xssor2 by evilcos

XSS'OR - Hack with JavaScript.

updated at Nov. 7, 2024, 8:58 a.m.

JavaScript

94 +0

2,129 +0

381 +0

GitHub
dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

updated at Nov. 1, 2024, 6:29 p.m.

JavaScript

24 +0

485 +0

93 +0

GitHub
repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets. mag

updated at Oct. 26, 2024, 2:18 a.m.

JavaScript

33 +0

637 +0

88 +0

GitHub
BadLibrary by SecureSkyTechnology

vulnerable web application for training

updated at Oct. 5, 2024, 1:08 p.m.

JavaScript

19 +0

58 +0

7 +0

GitHub
dref by mwrlabs

DNS Rebinding Exploitation Framework

updated at Oct. 5, 2024, 12:55 p.m.

JavaScript

25 +0

481 +0

71 +0

GitHub
malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

updated at Oct. 5, 2024, 12:50 p.m.

JavaScript

46 +0

460 +0

100 +0

GitHub