#
xss
Here are 360 public repositories matching this topic...
veeral-patel
commented
Oct 11, 2019
Thanks for this great project! I haven't tried it myself yet but it seems like a well-documented and mature tool to start using -- and it's under a year old!
I was wondering if you thought about creating a documentation site for the project. This could make people think it's more professional and help attract more users from commercial tools.
One idea is to use Mkdocs with a theme like Mkdoc
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
javascript
svg
html
security
dom
xss
mathml
sanitizer
dompurify
cross-site-scripting
prevent-xss-attacks
-
Updated
Mar 9, 2020 - JavaScript
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
-
Updated
Mar 9, 2020 - Go
Awesome XSS stuff
-
Updated
Mar 8, 2020 - JavaScript
Web Application Security Scanner Framework
javascript
ruby
crawler
security-audit
modular
hack
dom
analysis
scanner
detection
hacking
xss
audit
web-application
penetration-testing
sql-injection
vulnerability-detection
arachni
scanners
-
Updated
Mar 8, 2020 - Ruby
Git All the Payloads! A collection of web attack payloads.
-
Updated
Mar 8, 2020 - Shell
A list of resources for those interested in getting started in bug bounties
-
Updated
Mar 9, 2020
XSS'OR - Hack with JavaScript.
-
Updated
Mar 9, 2020 - JavaScript
基于SpringCloud(Hoxton.SR1) + SpringBoot(2.2.4.RELEASE) 的SaaS 微服务脚手架,具有统一授权、认证后台管理系统,其中包含具备用户管理、资源权限管理、网关API、分布式事务、大文件断点分片续传等多个模块,支持多业务系统并行开发,可以作为后端服务的开发脚手架。代码简洁,架构清晰,适合学习和直接项目中使用。核心技术采用Nacos、Fegin、Ribbon、Zuul、Hystrix、JWT Token、Mybatis、SpringBoot、Redis、RibbitMQ等主要框架和中间件。
java
jwt
spring
spring-cloud
gateway
xss
springboot
mybatis
zuul
hystrix
eureka
springcloud
nacos
seata
zuihou-admin-cloud
-
Updated
Mar 9, 2020 - Java
riking
commented
Oct 16, 2019
https://staticcheck.io/docs/checks#SA6005
In file sanitize.go: if strings.ToLower(straw) == strings.ToLower(needle) { should be strings.EqualsFold(straw, needle)
or, even better, compile a regexp literal for needle and use it for the entire loop.
A container repository for my public web hacks!
-
Updated
Mar 7, 2020 - JavaScript
Collection of quality safety articles
github
java
dns
security
list
research
web
hacking
waf
xss
bug-bounty
src
pentest
hacker
acknowledgments
fuzz
sec
ruby-programs
xxe
websec
redteam
bounty-hunters
quality-safety-articles
-
Updated
Mar 7, 2020
pentest framework
docker
security-audit
exploit
network
proxy
scanner
phishing
hacking
xss
sniffer
packet-analyser
packet-parsing
brute-force
packet-processing
denial-of-service
pentest
fuzzer
packet-generator
spoof
man-in-the-middle
-
Updated
Mar 4, 2020 - Python
xss
xss-vulnerability
xss-scanners
bugbounty
xss-scanner
xss-exploitation
xss-detection
payload
payloads
xss-attacks
xss-injection
websecurity
dom-based
xss-poc
cross-site-scripting
reflected-xss-vulnerabilities
website-vulnerability
xss-payloads
self-xss
xss-payload
-
Updated
Mar 5, 2020
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
php
alert
blind
test
bug
xss
penetration-testing
xss-vulnerability
easy-to-use
easy
bugbounty
xss-scanner
xss-exploitation
xss-detection
payload
xss-attacks
xss-injection
blind-xss
-
Updated
Mar 9, 2020 - PHP
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
dns
exploit
ftp
scanner
hacking
xss
python3
aiohttp
cloudflare
asyncio
sqli
vulnerability
pentesting
blackarch
vulnerability-scanners
lfi
metasploit
d0rk
trawling
toxin
-
Updated
Mar 9, 2020 - Python
Advanced dork Search & Mass Exploit Scanner
linux
shell
security
data
tools
system
server
engine
scanner
xss
web-application
sqli
exploitation
ports
portscan
vulnerability-scanners
dork
lfi
rfi
mass-exploitation-scanner
-
Updated
Mar 5, 2020 - Perl
Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewall), CC attack defense, unified web administration portal, private key protection, web routing and scalable load balancing.
go
golang
security
gateway
waf
xss
reverse-proxy
sql-injection
application-security
web-application-firewall
web-console
web-application-security
web-ssh
application-gateway
load-balance
cc-attack-defense
sensitive-data-leakage
janusec-application-gateway
-
Updated
Mar 9, 2020 - Go
渗透测试有关的POC、EXP、脚本、提权、小工具等,欢迎补充、完善---About penetration-testing python-script poc html-poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql
cms
sql
python-script
teamviewer
xss
penetration-testing
poc
rce
csrf
cve
getshell
html-poc
php-getshell
domainmod-xss
penetration-testing-poc
csrf-webshell
cobub-razor
sql-poc
-
Updated
Mar 9, 2020 - Java
-
Updated
Feb 29, 2020 - HTML
bnomei
commented
Sep 1, 2019
the json example in the readme has no self in various params but the json file from the tests does have these set.
https://github.com/paragonie/csp-builder#example
https://github.com/paragonie/csp-builder/blob/e9a7560fd3f133a85f03c51de5fc051ac97630a7/test/vectors/basic-csp.json
for example i am guessing that using the example from the readme does not set self fore base-uri. but that might n
EdaCZ
commented
Oct 30, 2016
I noticed that when you write {...} to some latte template, error message is not very clear.
I think error message should be something like "Undefined macro '...'".
It has very low priority but I wanted to note it somewhere, so I created this issue.
Improve this page
Add a description, image, and links to the xss topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the xss topic, visit your repo's landing page and select "manage topics."
The current repository description is identical to the name of the repository, this is not very informative when parsing the json reply from a repository search using the github api. I would recommend adding a short meaningful description, for example: "a free class for web security" .