h4r5h1t / Webcopilot: An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
masatokinugawa / Filterbypass: Browser's XSS Filter Bypass Cheat Sheet
YahooArchive / Xss Filters: Secure XSS Filters.
R0X4R / Garud: An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Edr4 / XSS Bypass Filters: No description available
kkomelin / Isomorphic Dompurify: Use DOMPurify on server and client in the same way
cloudflare / Svg Hush: Make it safe to serve untrusted SVG files
naver / Lucy Xss Filter: No description available
harismuneer / Flight Booking System JavaServlets App: ✈️ An MVP level Flight Booking System (web-application) based on the Model View Controller (MVC) Architecture made using Java Servlets, Java Server Pages (JSPs). Moreover authentication and authorization for users is implemented. The web-application is also secured against SQL Injection and Cross-Site Scripting attacks.
naver / Lucy Xss Servlet Filter: No description available
nahsra / Antisamy: a library for performing fast, configurable cleansing of HTML coming from untrusted sources
R0X4R / D4rkXSS: A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF
dr34mhacks / XSSNow: Find XSS payloads that actually work by filtering them based on real-world constraints instead of blind payload spraying.
phith0n / XssHtml: PHP rich-text filtering class, XSS Filter
davidson679 / Bypass Web Application Firewalls: Bypassing-Web-Application-Firewalls-And-XSS-Filters. A series of python scripts for generating weird character combinations and lists for BurpSuite Pro for bypassing web application firewalls (WAF) and XSS filters. These python scripts have been created to fuzz weird combinations: URL Escape Characters, HTML Escape Characters, Binary Characters. These scripts were created during an assessment, while trying to bypass a Web Application Firewall (WAF) in order to exploit a XSS vulnerability. Different webservers and browsers interpret URL and strange characters differently which could lead to the bypassing of security controls. When I tried to send a > or < character the WAF would block the request. The following URL escapes I have noticed are translated to < > ' by Apache2 based web servers:
salesforce / Secure Filters: Anti-XSS Security Filters for EJS and More
caomulaodao / XSS Filter Evasion Cheat Sheet CN: XSS_Filter_Evasion_Cheat_Sheet, Chinese edition
moeinfatehi / Xss Vulnerability Challenges: This repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
finn-no / Xss Html Filter: Open Sourced HTML filtering utility for Java. Used to parse user-submitted input and sanitize it against potential cross site scripting attacks, malicious html, or simply badly formed html.
phith0n / Python Xss Filter: Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html