NodeJS File Write to RCE on a read-only filesystem using a ROP chain in libuv

Code for our 2025 ACM CCS Paper "Head(er)s Up! Detecting Security Header Inconsistencies in Browsers"

TheHulk is a dynamic analysis tool designed to detect and exploit DOM Clobbering vulnerabilities.

Free and open source video editor, based on MLT Framework and KDE Frameworks

Multiplatform reliable implant with failover protocols

Sleek CSS-only CTFd theme

A bunch of V8 resources (with a security focus)

CSPBypass.com, a tool designed to help ethical hackers bypass restrictive Content Security Policies (CSP) and exploit XSS (Cross-Site Scripting) vulnerabilities on sites where injections are blocke…

🎯 Fast CORS misconfiguration vulnerabilities scanner

Test suites for Web platform specs — including WHATWG, W3C, and others

Root-Me Xmas 2024 - Writeups & Sources

A fast tool to scan CRLF vulnerability written in Go

CORS Misconfiguration Scanner

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

Source code for Gramps Genealogical program

Scientific analysis of collaborative communities

Differential testing framework for HTTP implementations

Peeking through the window: Fingerprinting Browser Extensions through Page-Visible Execution Traces and Interactions - Artifact

'Ike: A binary exploitation and reversing handbook.

A machine-readable list of Web specifications

Source code of the challenges developed for the 2024 edition of openECSC