mniemietz's Stars
thomashartm/burp-domsink-logger
Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
w3c/webappsec-suborigins
Suborigins
RUB-NDS/your-sop.com
RUB-NDS/Metadata-Attacker
A tool to generate media files with malicious metadata