Endo is a distributed secure JavaScript sandbox, based on SES
-
Updated
Dec 26, 2024 - JavaScript
Endo is a distributed secure JavaScript sandbox, based on SES
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
A collection of Server-Side Prototype Pollution gadgets and exploits
The Most Advanced Client-Side Prototype Pollution Scanner
Let's check if your target is vulnerable for client side prototype pollution.
A tool which helps identifying client-side prototype polluting libraries
Detecting prototype pollution vulnerabilities in JavaScript using static analysis
A website developed with Nodejs. This website includes server side prototype pollution vulnerability
Secure drop-in replacement for the `JSON` global with prototype pollution protection
Security Research and PoC
Prototype Pollution Checker is a security tool designed to detect potential Prototype Pollution vulnerabilities on target URLs by injecting payloads and verifying responses. This tool uses Selenium to automate browser interactions and concurrently checks multiple URLs for vulnerabilities.
A CTF challenge we put together for Ekoparty's 2023 main CTF
JavaScript Prototype Pollution Attack demo against a NodeJS Express server using Lodash
A sample application vulnerable to JavaScript prototype pollution
My Write Up for Portswigger Prototype Polution Write Up
Gadgets in the JavaScript runtime based on the ECMAScript specification
Check prototype pollution in JS libraries
Add a description, image, and links to the prototype-pollution topic page so that developers can more easily learn about it.
To associate your repository with the prototype-pollution topic, visit your repo's landing page and select "manage topics."