This is your work, valued
xsschef. Chrome extension Exploitation Framework
572mosquito. XSS exploitation tool - access victims through HTTP proxy
162blog-kotowicz-net-examples. Code Examples for blog.kotowicz.net
135phar-util. PharUtil - Security-oriented utilities for Phar archives
129socket_io_client. Python tool for testing vulnerabilities in WebSockets / Socket.IO servers
69gitpillage. Pillage a git repo found in an accessible web root
60squid-imposter. Phishing attack w/HTML5 offline cache framework based on Squid proxy
30owasp-malicious-javascript. Materials for OWASP presentation on malicious JavaScript
16svn-tools. Various command-line utilities for Subversion users
11sslstrip. A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.
11httpfileserver. Simple PHP REST file server implementation. You put and retrieve files using any HTTP client e.g. wget
9cors-proxy-browser. CORS based proxy (with Flash backend, remote control, MalaRIA integration and more goodies)
7ajax-upload. Use AJAX Upload to upload multiple files without refreshing the page and style upload button as you wish.
5iplex_adblock. Adblock HTTP proxy server for iplex.pl movies
3Demo-ClientsideWebAttacks. Demonstration of some client-side web application vulnerabilities (DOM XSS, Clickjacking) and wrong usage of local storage.
3exceed-mitm. Exceed OnDemand MITM proof-of-concept
3htshells. Self contained htaccess shells and attacks
3websockify. Add WebSockets support to any application/server (formerly wsproxy)
3DeathToDSStore. .DS_Store is an abomination and must be stopped.
2react. A declarative, efficient, and flexible JavaScript library for building user interfaces.
2visipisi.
2WebFundamentals. Best practices for modern web development
2beef. The Browser Exploitation Framework Project
2reconnecting-websocket. A small decorator for the JavaScript WebSocket API that automatically reconnects
2projects. JavaScript
2SQLol. A configurable SQL injection test-bed
2MotionCAPTCHA. MotionCAPTCHA jQuery Plugin - Stop Spam, Draw Shapes
2node-shells. JavaScript
2html5demos. Collection of hacks and demos showing capability of HTML5 apps
2burp-extensions. Various small Burp extensions
2phpbb3. phpBB 3 Development: phpBB is a popular open-source bulletin board written in PHP. This repository also contains the history of version 2.
1mitmproxy. An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
1react-redux-realworld-example-app. Exemplary real world application built with React + Redux
1libs. Coleção de classes PHP com propósitos diversos
1MalaRIA-Proxy. Proof of concept code (which means poor code quality) for a proxy abusing unrestricted cross domain policies.
1webpack. A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
1node_chat. simple chat demo for node
1AjaxFileUpload. A jQuery plugin that simulates asynchronous file uploads.
1Socket.IO-node. Sockets for the rest of us (in Node.js)
1ICanHaz.js. A clean solution for templating with Mustache.js and jQuery or Zepto
1end-to-end-1. End-To-End is a Chrome extension that helps you encrypt, decrypt, digital sign, and verify signed messages within the browser using OpenPGP.
1owtf. The Offensive (Web, etc) Testing Framework (aka OWTF) is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient @owtfp
1stupid-websocket-tcp-proxy. A very stupid websocket tcp proxy (using websockets with unmodified TCP servers)
1pyinotify. Monitoring filesystems events with inotify on Linux.
1DOMPurify. DOMPurify
1webappsec. Web Application Security Working Group repo
1ahDoctrineEasyEmbeddedRelationsPlugin. ahDoctrineEasyEmbeddedRelationsPlugin
1