Berlin

Cure53

Elite
@cure53

And there is fire where we walk.

DOMPurify. DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

17k

H5SC. HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

2.9k

HTTPLeaks. HTTPLeaks - All possible ways, a website can leak HTTP requests

2.1k

XSSChallengeWiki. Welcome to the XSS Challenge Wiki!

1.6k

Contracts. A small collection of potentially useful contract templates

435

browser-sec-whitepaper. Cure53 Browser Security White Paper

300

Flashbang. Project "Flashbang" - An open-source Flash-security helper

205

Publications. A whole bunch of public pentest reports & papers

90

jPurify. jPurify

65

public-pentesting-reports. Curated list of public penetration testing reports released by several consulting firms

48

mustache-security. Automatically exported from code.google.com/p/mustache-security

23

DOMFortify. DOMFortify turns on Trusted Types for a page and quietly takes over the browser's default policy, so that old, vulnerable HTML sinks get auto-sanitized before bad markup ever hits the DOM.

20

PastePurify. This is a tiny Chrome Extension that protects your from Clipboard XSS Attacks

19

jsdelivr. A free Open Source CDN for webmasters and developers

5

marked. A markdown parser and compiler. Built for speed.

5

hashes. PHP hash "collisions"

4

DefinitelyTyped. The repository for high quality TypeScript type definitions.

4

crev-proofs. Crev proof repository

2

roundcubemail. The Roundcube Webmail suite

2

AppSecEurope2017.

1

MOSS-Directory. A listing of people and projects involved in the Mozilla Open Source Support (MOSS) program

1
21
Apply