Stars
UI over MCP. Create next-gen UI experiences with the protocol and SDK!
Data about all known supply-chain attacks through history
Fast exfiltration of text using only CSS and Ligatures
A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems.
FrogPost: postMessage Security Testing Tool
AI Crash Course to help busy builders catch up to the public frontier of AI research in 2 weeks
An experimental, efficient, and permeable alternative to iframes 🌿
A curated list of Artificial Intelligence Top Tools
Charter and administrivia for the WebExtensions Community Group (WECG)
Document (PDF, Word, PPTX ...) extraction and parse API using state of the art modern OCRs + Ollama supported models. Anonymize documents. Remove PII. Convert any document or picture to structured …
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
A Node.js library that safeguards your codebase with seamless access control based on directory structure.
DOM Clobbering Wiki, Browser Testing, and Payload Generation
The Annoying Site a.k.a. "The Power of the Web Platform"
Configure and simulate XSS and CSP environments for demonstration and testing purposes
A set of over 5800 free MIT-licensed high-quality SVG icons for you to use in your web projects.
Secure terminal-based IDE for local JS development
Test suites for Web platform specs — including WHATWG, W3C, and others
A machine-readable list of Web specifications
Generation of diagrams like flowcharts or sequence diagrams from text in a similar manner as markdown
Shield your DOM against clobbering attacks effortlessly
Supply-chain Levels for Software Artifacts
Setup and manage header bidding advertising partners without writing code or confusing line items. Prebid.js is open source and free.