SoheilKhodayari
Security & privacy researcher, hacking, patching, and drinking coffee... and then do it all over again!
CISPA Saarland, Germany
Pinned Repositories
DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Basta-COSI
A framework for the detection of COSI vulnerabilities / XS-Leaks
CHIPSEC-GUI
A CHIPSEC-based GUI For Platform Security Assessment
CHMS_SYSTEM
An integrated hospital management system
DOMClobbering
DOM Clobbering Wiki, Browser Testing, and Payload Generation
JAW
JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
Lyric-Music-Player
A simple Android music player with song lyrics
same-site-wiki
SameSite Cookies Wiki
TheThing
TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
sast-testability-patterns
Testability Pattern Catalogs for SAST
SoheilKhodayari's Repositories
SoheilKhodayari/JAW
JAW: A Graph-based Security Analysis Framework for Client-side JavaScript
SoheilKhodayari/DOMClobbering
DOM Clobbering Wiki, Browser Testing, and Payload Generation
SoheilKhodayari/TheThing
TheThing: an open-source tool to detect DOM Clobbering vulnerabilities
SoheilKhodayari/Basta-COSI
A framework for the detection of COSI vulnerabilities / XS-Leaks
SoheilKhodayari/same-site-wiki
SameSite Cookies Wiki
SoheilKhodayari/CHIPSEC-GUI
A CHIPSEC-based GUI For Platform Security Assessment
SoheilKhodayari/html-sanitizer-testing-pipeline
Scripts for testing HTML sanitizers
SoheilKhodayari/Graph
A social network
SoheilKhodayari/crowdea
An open-source idea-management website with crowd-sourcing, crowd-funding and market-testing capabilities.
SoheilKhodayari/js-malicious-dataset
This repository contains a list of pseudo-sorted malicious JavaScripts collected from time to time.
SoheilKhodayari/Lexical-Analyzer
An Implementation of a simple lexical Analyzer
SoheilKhodayari/T-OWASP
A vulnerable test website for fuzzing
SoheilKhodayari/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
SoheilKhodayari/django-hackathon-starter
A boilerplate for Django web applications
SoheilKhodayari/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
SoheilKhodayari/esprima-python
ECMAScript parsing infrastructure for multipurpose analysis
SoheilKhodayari/filbert
JavaScript parser of Python
SoheilKhodayari/gitignore
A collection of useful .gitignore templates
SoheilKhodayari/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
SoheilKhodayari/js2cpg
SoheilKhodayari/Local-LLM-Comparison-Colab-UI
Compare the performance of different LLM that can be deployed locally on consumer hardware. Run yourself with Colab WebUI.
SoheilKhodayari/nova
OpenStack Compute (Nova)
SoheilKhodayari/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SoheilKhodayari/project-foxhound-builder
Script to build project foxhound with playwright integration.
SoheilKhodayari/puppeteer-recaptcha-solver
Recaptcha solver for puppeteer.
SoheilKhodayari/reference
Share quick reference cheat sheet for developers.
SoheilKhodayari/sast-testability-patterns
Testability Pattern Catalogs for SAST
SoheilKhodayari/security-crawl-maze
Security Crawl Maze is a comprehensive testbed for web security crawlers. It contains pages representing many ways in which one can link resources from a valid HTML document.
SoheilKhodayari/WPF-Banking
A WPF-based simple banking application for demo purposes!
SoheilKhodayari/www-project-testability-patterns-for-web-applications
OWASP Foundation Web Repository