Endo is a distributed secure JavaScript sandbox, based on SES
A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
The Most Advanced Client-Side Prototype Pollution Scanner
A collection of Server-Side Prototype Pollution gadgets and exploits
The Most Advanced Client-Side Prototype Pollution Scanner
Let's check if your target is vulnerable for client side prototype pollution.
A tool which helps identifying client-side prototype polluting libraries
A website developed with Nodejs. This website includes server side prototype pollution vulnerability
Detecting prototype pollution vulnerabilities in JavaScript using static analysis
Secure drop-in replacement for the `JSON` global with prototype pollution protection
Prototype Pollution Checker is a security tool designed to detect potential Prototype Pollution vulnerabilities on target URLs by injecting payloads and verifying responses. This tool uses Selenium to...
Interactive demo of a prototype pollution → XSS exploit in JavaScript
JavaScript Prototype Pollution Attack demo against a NodeJS Express server using Lodash
A CTF challenge we put together for Ekoparty's 2023 main CTF
A sample application vulnerable to JavaScript prototype pollution
My Write Up for Portswigger Prototype Polution Write Up
Gadgets in the JavaScript runtime based on the ECMAScript specification
Check prototype pollution in JS libraries