Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

A container repository for my public web hacks!

Awesome Object Capabilities and Capability Security

JavaScript library for building web-based applications that employ secure multi-party computation (MPC).

Mike North's Web Security Course

CS 253 Web Security course at Stanford University

Runs the default Google Lighthouse tests with additional security tests

CLI component of OWASP PurpleTeam

HTTPS Frontend Hijack

HTTP Cache Poisoning Demo

Password scoring library written in Javascript.

DOM Clobbering Wiki, Browser Testing, and Payload Generation

JSSCM detects expired domains for Stored XSS exploitation during browsing.

Professional Search Engine Hacking Syntax Tool - Supports Google, Baidu, and Bing search engines, and provides intelligent sidebar, URL extraction, custom syntax and other functions to help security research and penetration testing 专业的搜索引擎Hacking语法工具 - 支持Google、百度、Bing三大搜索引擎，提供智能侧边栏、URL提取、自定义语法等功能，助力安全研究和渗透测试

XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!

Safeguard your online experience with Anti-Phishing Extension! This extension is meticulously developed to protect users from potential phishing attacks by actively scanning the websites visited in real-time. It employs an updated blacklist to cross-check each website and promptly alerts users if a potential threat is detected, enhancing

collectvars collects JavaScript variables, highlights risky ones, and helps you understand code structure, while you casually browse.

A definitely (read: not) secure online banking site. Built for demo purposes as an example of common security vulnerabilities / what NOT to do.

JavaScript implementation of garbled gates and 2PC boolean circuit protocols