Simple API for storing all incoming XSS requests and various XSS templates.

Copy as XMLHttpRequest BurpSuite extension

Ronin the Shogun for XSS and XSRF Attacks.

(csrf) google just got a idea to bypass or manipulate the 2fa in gmail service but was successfull in bypassing the device name in gmail 2fa

We are going to go through some techniques and common PHP use cases for Website Security. Website security is often overlooked- and that’s understandable, but basic security can be put down to lots of techniques.

This script generates PoC for Cross-site request forgery. you just need to provide Url, method and parameters

I improved my previous "JavaScript Share My Place" app so that I can protect it from security holes and concepts. I specifically handled the two most important JavaScript attack patterns or vulnerabilities, which are Security Details in my code exposed accidentally and Cross Site Scripting (XSS) attacks, with Sanitize HTML package for example.

🌐🔒 Evaluating the security (exploiting and fixing vulnerabilities) of Open eClass 2.3 (University of Athens) platform.

HTTP and Express middleware that compares the request's Origin header with a list of allowed origins, to protect against CSRF.

Cross-Site Request Forgery (CSRF) attack

Project developed for the Security Testing course.

ECE458 Assignments

Fixing the CSRF(Cross-Site Request Forgery Attacks) vulnerabilities on the web forms (Ordering form and the Contact form) of a Confectioneries website.

Node.js HTTP CORS middleware.

CSRF Middleware

The repository includes various vulnerbilities, their types, identification, exploitation and mitigations along with payloads. Includes: Cross-Site Scripting (XSS) SQL Injection (SQLi) Directory Traversal Command Injection

CSRF