GMSGadget is a collection of JavaScript tools designed to bypass XSS mitigations like Content Security Policy and HTML sanitizers. The tools listed are not exploits but rather patched vulnerabilities or JavaScript behaviors that can circumvent HTML restrictions. Contributions for new gadgets and documentation improvements are encouraged.

The resource compilation focuses on client-side security vulnerabilities, particularly in JavaScript, providing a wealth of guides, tips, and practical challenges for pentesters and bug bounty hunters. It covers topics ranging from XSS and PostMessage vulnerabilities to CSP bypass techniques and includes a variety of writeups and educational materials to enhance understanding and skills in this area.