⚡ Dynamically generated stats for your github readmes

🖤 Create and share beautiful images of your source code

⚡️ Streaming torrent client for the web

node.js command-line interfaces made easy

Parse Server for Node.js / Express

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

📕《Node.js 包教不包会》 by alsotang

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

PostgreSQL client for node.js.

700+ Pure CSS, SVG & Figma UI Icons, 6000+ glyphs, patterns, colors and layouts.

📱📈An elegant, interactive and flexible charting library for mobile.

Distributed crawler powered by Headless Chrome

Awesome XSS stuff

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

Reverse Shell as a Service

XSS payloads designed to turn alert(1) into P1

Reverse engineering JavaScript and CSS sources from sourcemaps

Simple HS256, HS384 & HS512 JWT token brute force cracker.

SQL generation for node.js

A browser extension that allows you to monitor, intercept, and debug JavaScript sinks based on customizable configurations.

Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.

jxscout superpowers JavaScript analysis for security researchers

CVE-2022-32947 walkthough and demo

Mark pre-Musk era Twitter actually verified accounts.

Maintaining account persistence via XSS and Oauth

Make exploiting race conditions in web applications highly efficient and ease-of-use.