tosmolka's Stars
ydogandjiev/microsoft-teams-test-tab
A test tab for Microsoft Teams used to exercise the platform and SDK
dirkjanm/ROADtools
A collection of Azure AD/Entra tools for offensive and defensive security purposes
microsoft/component-detection
Scans your project to determine what components you use
google/tsec
w3c/webappsec-csp
WebAppSec Content Security Policy
w3c/webappsec-subresource-integrity
WebAppSec Subresource Integrity
w3c/trusted-types
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
w3c/webappsec
Web Application Security Working Group repo
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
filedescriptor/untrusted-types
cure53/HTTPLeaks
HTTPLeaks - All possible ways, a website can leak HTTP requests