A client-side web security tool that sanitizes potentially malicious HTML and JavaScript input by stripping unsafe tags and event attributes. Designed to demonstrate XSS prevention concepts, safe input handling, and frontend security practices using pure HTML, CSS, and JavaScript in a beginner-friendly interface.

realtime page bot detection, XSS detection and performance analytics tracker for the web

Anti Cross Site Scripting (XSS) Injection for PHP. A very powerful tool to counteract XSS Injection. It has been proven so far that it is still very reliable for dealing with XSS Injection problems. This tool is also very suitable for use in the Codeigniter Framework.

Given some data, js-char-escape returns a stringified representation of that data to help prevent XSS/ Cross-site_Scripting Attacks in your application). js-char-escape is a fork of jsesc with a few additions such as exclude & excludeAccented.

A javascript library to display warning aginst self XSS attacks

A simple npm library to remove script tags but keep other html

A passwordless login system where a user enters their email, the site emails a short-lived redirect link (30 seconds) plus an 8-digit one-time code (OTP).

Rust-inspired security patterns for JavaScript - Memory-safe coding without changing syntax

Deterministic input sanitization for untrusted text — homoglyphs, invisible chars, null bytes, NFKC normalization, template injection. Zero dependencies. Python 3.12+.

Comprehensive Content Security Policy (CSP) Guide & Suite in Arabic. Learn web security, prevent XSS, and implement robust security headers.

A secure React (Vite) frontend for the Customer Management System, featuring protected routes, secure session handling (httpOnly cookies), and dynamic UI.

Desarrollé un Honeypot que simula un panel administrativo. El sistema tiene una capa de lógica que intercepta patrones maliciosos. Como QA, esto me permite entender cómo validar entradas de datos para prevenir vulnerabilidades críticas como el Cross-Site Scripting (XSS).

Share a link, log their location, they see a dead server. Fastify + TypeScript with 10 server disguises, IP geolocation via ip-api.com, rate limiting, XSS-safe templates, and 63 tests at 96% coverage

🔐 Secure ASP.NET Core 8.0 web application for managing sensitive financial data with enterprise-grade security. Features AES-256 encryption, role-based authorization, 2FA, comprehensive input validation, and 41 passing security tests. OWASP Top 10 compliant.

A rudimentary XSS prevention system written in Python