DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

JavaScript 16,170 811 Updated Oct 21, 2025

davila7 / claude-code-templates

CLI tool for configuring and monitoring Claude Code

JavaScript 10,356 893 Updated Nov 7, 2025

brianpetro / obsidian-smart-connections

Chat with your notes & see links to related content with AI embeddings. Use local models or 100+ via APIs like Claude, Gemini, ChatGPT & Llama 3

JavaScript 4,243 256 Updated Nov 6, 2025

stefanbuck / awesome-browser-extensions-for-github

A collection of awesome browser extensions for GitHub.

JavaScript 3,182 202 Updated Aug 18, 2024

mrd0x / BITB

Browser In The Browser (BITB) Templates

JavaScript 2,853 483 Updated Jan 26, 2024

mandatoryprogrammer / CursedChrome

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

JavaScript 1,661 246 Updated Oct 26, 2024

firesunCN / BlueLotus_XSSReceiver

JavaScript 1,601 986 Updated Feb 2, 2023

momosecurity / FindSomething

基于chrome、firefox插件的被动式信息泄漏检测工具

JavaScript 1,318 141 Updated Nov 17, 2024

boku7 / Loki

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications

JavaScript 1,225 205 Updated Jun 17, 2025

JoelGMSec / EvilnoVNC

Ready to go Phishing Platform

JavaScript 1,068 193 Updated May 6, 2025

ddupont808 / GPT-4V-Act

AI agent using GPT-4V(ision) capable of using a mouse/keyboard to interact with web UI

JavaScript 1,059 101 Updated Dec 9, 2024

praetorian-inc / ChromeAlone

A tool to transform Chromium browsers into a C2 Implant

JavaScript 500 69 Updated Nov 7, 2025

gh0stkey / avList

avList - 杀软进程对应杀软名称

JavaScript 406 73 Updated Oct 21, 2021

bellingcat / toolkit

JavaScript 395 76 Updated Nov 7, 2025

R-s0n / ars0n-framework-v2

Bug Bounty Hunting Framework Designed to Help Beginners Compete w/ the Pros

JavaScript 377 75 Updated Aug 28, 2025

Ahaz1701 / EvilWorker

A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solu…

JavaScript 131 20 Updated Aug 5, 2025

ahhh / gscripts

A repo full of example gscripts

JavaScript 101 25 Updated Sep 6, 2019

redherd-project / redherd-framework

RedHerd is a collaborative and serverless framework for orchestrating a geographically distributed group of assets.

JavaScript 73 17 Updated Apr 25, 2023

Project-Prismatica / Diagon

The Diagon Attack Framework is a Prismatica application containing the Ravenclaw, Gryffindor, and Slytherin remote access tools (RATs).

JavaScript 53 5 Updated Jan 13, 2023

smokeme / asar-backdoor

JavaScript 33 5 Updated Mar 19, 2025

hoodoer / XSS-Data-Exfil

Sample code for exfiltrating data through an XSS vulnerability. XSS Payload retrieves sensitive data in victim's browser, then breaks it into chunks. Sends those chunks out as image requests (data …

JavaScript 19 7 Updated May 11, 2021

xfixxy3939 / fewer-stealer

🦊 🧊 Fully Undetected Grabber (Grabs Wallets, Passwords, Cookies, Autofills, Information, Discord, Telegram)

JavaScript 6 10 Updated Aug 13, 2023

thecasual / xss_cc_skimmer_poc

JavaScript 6 1 Updated Mar 4, 2023

Teach2Breach / svg_payload

reverse engineered and reimplemented from an example in the wild. bypasses proofpoint and EDRs

JavaScript 5 1 Updated Jun 12, 2025

unknown programmer's programs hyperware1337

Lists (16)

AI

Applethings

Custom

Dev

Enum

🔮 Future ideas

Goodshit

Malware technology

Malwarestuff

Randm

Random2

Red

Rootkits

Signals

Sus

Tamper

Stars