Skip to content
/ GMSGadget Public

This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.

gmsgadget.com/

License

GPL-3.0 license
81 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

kevin-mizu/GMSGadget

BranchesTags

Repository files navigation

GMSGadget

GMSGadget (Give Me a Script Gadget) is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.

It's important to note that this is not a list of exploits. The gadgets listed here are either patched vulnerabilities or intended JavaScript behaviors that can be leveraged to bypass HTML restrictions.

This repository is only here for contributors; please use the website to search through gadgets: https://gmsgadget.com/

About

This repository is a collection of JavaScript gadgets that can be used to bypass XSS mitigations such as Content Security Policy (CSP) and HTML sanitizers like DOMPurify.

gmsgadget.com/

Topics

javascript html csp web xss html-injection csrf pentesting bypass gadgets sanitizer

Resources

Readme

License

GPL-3.0 license

Contributing

Contributing
Activity

Stars

81 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages