NDevTK's starred repositories
trufflehog
Find and verify secrets
unredacter
Never ever ever use pixelation as a redaction technique
privacyguides.org
Protect your data against global mass surveillance programs.
awesome-google-vrp-writeups
🐛 A list of writeups from the Google VRP Bug Bounty program
Run-in-Sandbox
Run PS1, VBS, CMD, EXE, MSI, Intunewin, MSIX, or extract ISO, ZIP in Windows Sandbox very quickly just from a right-click
extension-detector
Check how trackable you are based on your browser extensions.
chrome-bandit
Programmatically extract saved passwords from Chromium based browsers.
blog-indexeddb-safari-leaks-demo
Demo showcasing information leaks resulting from an IndexedDB same-origin policy violation in WebKit.
TCC-ClickJacking
A proof of concept for a clickjacking attack on macOS.
xsinator.com
XS-Leak Browser Test Suite
same-origin-xss
Same Origin XSS challenge
nathanfarlow
Pokemon on your GitHub profile!
CVE-2022-32883
Turning Your Computer Into a GPS Tracker With Apple Maps
deprecating-document-domain
`document.domain` intentionally weakens the only security boundary we have. Perhaps we can dump it?
xs-observations
Find leaky observation channels in browsers and XS-Leaks on websites
Partitioning-visited-links-history
A proposal to partition :visited link history by top-level site and frame origin.
why-is-sb-down
Why is SponsorBlock down?!
2022AprilFools
Based on https://github.com/ajayyy/SponsorBlockSite
LeakuidatorPlus
Leakuidator+ helps users to protect themselves against cross-site leaks, a class of vulnerabilities derived from side-channels built into the web platform.