CyberChef by gchq

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

updated at May 12, 2024, 6:19 a.m.

JavaScript

376 -4

25,763 +74

2,967 +2

GitHub
DOMPurify by cure53

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

updated at May 12, 2024, 12:33 a.m.

JavaScript

150 -2

12,924 +54

670 -1

GitHub
xssor2 by evilcos

XSS'OR - Hack with JavaScript.

updated at May 11, 2024, 11:35 p.m.

JavaScript

95 +0

2,098 +2

378 +0

GitHub
beef by beefproject

The Browser Exploitation Framework Project

updated at May 11, 2024, 9:37 p.m.

JavaScript

438 -1

9,406 +10

2,060 +1

GitHub
H5SC by cure53

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

updated at May 11, 2024, 5:32 p.m.

JavaScript

153 -1

2,820 -2

418 +0

GitHub
AwesomeXSS by UltimateHackers

Awesome XSS stuff

updated at May 11, 2024, 3:46 a.m.

JavaScript

240 +0

4,648 +2

757 -1

GitHub
reverse-shell by lukechilds

Reverse Shell as a Service

updated at May 10, 2024, 9:43 p.m.

JavaScript

33 +0

1,789 +2

230 -1

GitHub
retire.js by RetireJS

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

updated at May 10, 2024, 7:06 p.m.

JavaScript

86 -1

3,529 +6

412 +0

GitHub
bXSS by LewisArdern

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

updated at May 9, 2024, 6:04 p.m.

JavaScript

14 +0

484 +0

64 -5

GitHub
repo-supervisor by auth0

Scan your code for security misconfiguration, search for passwords and secrets. mag

updated at May 5, 2024, 6:14 a.m.

JavaScript

33 +0

633 +0

101 +0

GitHub
singularity by nccgroup

A DNS rebinding attack framework.

updated at May 2, 2024, 5:48 a.m.

JavaScript

32 +0

974 +0

136 +0

GitHub
whonow by brannondorsey

A "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)

updated at April 30, 2024, 7:42 p.m.

JavaScript

22 +0

612 +0

102 +0

GitHub
dns-rebind-toolkit by brannondorsey

A front-end JavaScript toolkit for creating DNS rebinding attacks.

updated at April 30, 2024, 6:13 p.m.

JavaScript

24 +0

481 +0

93 +0

GitHub
dref by mwrlabs

DNS Rebinding Exploitation Framework

updated at April 28, 2024, 9:34 a.m.

JavaScript

25 +0

481 +0

71 +0

GitHub
malware-jail by HynekPetrak

Sandbox for semi-automatic Javascript malware analysis, deobfuscation and payload extraction. Written for Node.js

updated at April 5, 2024, 2:38 p.m.

JavaScript

46 +0

453 +0

99 +0

GitHub
BadLibrary by SecureSkyTechnology

vulnerable web application for training

updated at April 4, 2024, 8:38 a.m.

JavaScript

20 +0

57 +0

7 +0

GitHub
Most stars Fewest stars Most forks Fewest forks Most watchers Fewest watchers Recently created Least recently created Recently updated Least recently updated Most repositories Fewest repositories
All languages 104 Python 41 JavaScript 16 Unknown languages 14 Go 7 C 4 HTML 4 C++ 3 PHP 3 CSS 2 Perl 2 Ruby 2 C# 1 Dockerfile 1 Java 1 Kotlin 1 Shell 1 TypeScript 1