CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

updated at June 9, 2024, 5:18 a.m.

JavaScript

380 +4

26,072 +60

3,002 +10

GitHub
beef by beefproject

The Browser Exploitation Framework Project

updated at June 9, 2024, 4:09 a.m.

JavaScript

439 +0

9,462 +16

2,078 +6

GitHub
DOMPurify by cure53

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

updated at June 8, 2024, 6:48 p.m.

JavaScript

150 +1

13,075 +39

680 +2

GitHub
H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

updated at June 8, 2024, 5:33 p.m.

JavaScript

153 +0

2,821 +1

417 +0

GitHub
AwesomeXSS by UltimateHackers

Awesome XSS stuff

updated at June 7, 2024, 5:24 p.m.

JavaScript

240 +0

4,673 +7

759 +1

GitHub
retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

updated at June 7, 2024, 2:52 p.m.

JavaScript

86 +0

3,575 +15

413 +1

GitHub
whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

updated at June 6, 2024, 5:25 p.m.

JavaScript

22 +0

615 +3

102 +0

GitHub
singularity by nccgroup

A DNS rebinding attack framework.

updated at June 6, 2024, 5:58 a.m.

JavaScript

32 +0

992 +2

136 +1

GitHub
xssor2 by evilcos

XSS'OR - Hack with JavaScript.

updated at June 5, 2024, 1:12 p.m.

JavaScript

95 +0

2,104 +2

378 +0

GitHub
reverse-shell by lukechilds

Reverse Shell as a Service

updated at June 4, 2024, 4:32 a.m.

JavaScript

33 +0

1,799 +1

229 -1

GitHub
dref by mwrlabs

DNS Rebinding Exploitation Framework

updated at June 1, 2024, 1:12 a.m.

JavaScript

25 +0

481 +0

71 +0

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at May 31, 2024, 5:37 p.m.

JavaScript

14 +0

488 +0

64 +0

GitHub
malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

updated at May 31, 2024, 2:30 a.m.

JavaScript

46 +0

454 +0

99 +0

GitHub
BadLibrary by SecureSkyTechnology

vulnerable web application for training

updated at May 14, 2024, 8:50 a.m.

JavaScript

20 +0

57 +0

7 +0

GitHub
repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets. mag

updated at May 5, 2024, 6:14 a.m.

JavaScript

33 +0

633 +0

101 +0

GitHub
dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

updated at April 30, 2024, 6:13 p.m.

JavaScript

24 +0

481 +0

93 +0

GitHub
Most stars Fewest stars Most forks Fewest forks Most watchers Fewest watchers Recently created Least recently created Recently updated Least recently updated Most repositories Fewest repositories
All languages 104 Python 40 JavaScript 16 Unknown languages 15 Go 7 C 4 HTML 4 C++ 3 PHP 3 CSS 2 Perl 2 Ruby 2 C# 1 Dockerfile 1 Java 1 Kotlin 1 Shell 1 TypeScript 1