Simple API for storing all incoming XSS requests and various XSS templates.

Copy as XMLHttpRequest BurpSuite extension

Ronin the Shogun is an Automatic Cross site injection attacks for Cookie and ID Hunter. JavaScript and TypeScript Payloads library. for XSS, CSRF, CRLF, XS-Leaks and More.

This script generates PoC for Cross-site request forgery. you just need to provide Url, method and parameters

We are going to go through some techniques and common PHP use cases for Website Security. Website security is often overlooked- and that’s understandable, but basic security can be put down to lots of techniques.

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

I improved my previous "JavaScript Share My Place" app so that I can protect it from security holes and concepts. I specifically handled the two most important JavaScript attack patterns or vulnerabilities, which are Security Details in my code exposed accidentally and Cross Site Scripting (XSS) attacks, with Sanitize HTML package for example.

🌐🔒 Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

HTTP and Express middleware that compares the request's Origin header with a list of allowed origins, to protect against CSRF.

Cross-Site Request Forgery (CSRF) attack

ECE458 Assignments

Project developed for the Security Testing course.

The repository includes various vulnerbilities, their types, identification, exploitation and mitigations along with payloads. Includes: Cross-Site Scripting (XSS) SQL Injection (SQLi) Directory Traversal Command Injection

Fixing the CSRF(Cross-Site Request Forgery Attacks) vulnerabilities on the web forms (Ordering form and the Contact form) of a Confectioneries website.

CSRF Middleware

Node.js HTTP CORS middleware.