Some Generic Browser Exploits (For Educational Purposes Only)

An educational phishing simulation login page demonstrating how fake UIs capture user credentials. It logs inputs, stores them locally, and emails the captured data for awareness training. Intended strictly for controlled, ethical use to teach URL verification and phishing prevention.

A polished, accessible client-side password strength checker that estimates entropy, detects weak patterns, and provides actionable suggestions. Includes a built-in password generator, works fully offline with no network calls, and uses ARIA live updates for accessibility. Ideal for demos, portfolios, or frontend components.

A high-performance, keyless, rule-based envelope for protecting web/API/stream data.

Unpacked Telegram web app for research.

Next.js code obfuscation setup using webpack-obfuscator – secure and protect your production builds.

ClientVault is a lightweight, in-page web security tool that lets you inspect, analyze, and manage all client-side storage used by a website — including cookies, localStorage, sessionStorage, and more. Built for developers, pentesters, and bug bounty hunters.

Vollständige Webanwendung für OpenPGP-Verschlüsselung, basierend auf React, TypeScript und openpgp.js.

The 'CyberGuard' delivers a modular, multi-layer security system for modern web applications. It bundles client-side anomaly detection, DDoS-Guard, DOM protection, input shielding, service-worker hardening and UI blackout controls into one compact package.

Client-side History API abuse, shown as a safe educational PoC

SMUGGLR is a browser-based Unicode steganography and text obfuscation toolkit for experimenting with invisible characters, homoglyphs, whitespace ciphers, and Unicode-based payload hiding techniques — all fully client-side with zero network calls. 🔓

EntropyKey is a web application that generates unique and secure tokens using your device's camera. The randomness in the video feed helps create unpredictable tokens, making them suitable for passwords or other secure identifiers.

Frontguard by Pubflow CLI scans frontend builds, public URLs, localhost apps, HAR files, and interactive browser traffic for client-side exposure risks.

Website proptection tool beyond a captcha solver. Lightweight JavaScript site protection library that secures forms without traditional CAPTCHA challenges. Advanced client-side site protection tool that goes beyond traditional CAPTCHA by preventing automated form abuse and bot submissions.

HUMAN Security — bot mitigation + ad fraud (formerly PerimeterX)

AI-driven dynamic client-side encryption system. Application-layer security with language-agnostic reverse proxy, replay protection, and client-side payload validator.

A lightweight client-side wallet for Solana and Ethereum with seed generation, key derivation, multi-account support, and balance lookups.

PhantomPath is a client-side utility designed to demonstrate various techniques used to structurally obfuscate URLs. In the field of cybersecurity, understanding how an attacker can mask a malicious destination is crucial for developing robust defense mechanisms and training users in link analysis.