Top 133 xss open source projects

Xsshell
An XSS reverse shell framework
Ary
Ary 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Payloads
Git All the Payloads! A collection of web attack payloads.
Secbox
🖤 网络安全与渗透测试工具导航
Xss Loader
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Angularjs Csti Scanner
Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Berserker
A list of useful payloads for Web Application Security and Pentest/CTF
Xless
The Serverless Blind XSS App
Webrtcxss
利用XSS入侵内网(Use XSS automation Invade intranet)
✭ 190
webrtcxss
Javasecurity
Java web and command line applications demonstrating various security topics
Godnslog
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Jsshell
JSshell - JavaScript reverse/remote shell
Wascan
WAScan - Web Application Scanner
Bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Phpvuln
Audit tool to find common vulnerabilities in PHP source code
Xssmap
XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Hookish
Hooks in to interesting functions and helps reverse the web app faster.
0l4bs
Cross-site scripting labs for web application security enthusiasts
✭ 119
bugbountyxss
Quickxss
Automating XSS using Bash
Python Xss Filter
Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
✭ 115
pythonxss
Gxss
A tool to check a bunch of URLs that contain reflecting params.
Shuriken
Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Parsevip
解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Xsscope
XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Zebra form
A jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Sourcecodesniffer
The Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Sqlinator
Automatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Xwaf
xWAF 3.0 - Free Web Application Firewall, Open-Source.
Ezxss
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Tiny Xss Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Blackwidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Filterbypass
Browser's XSS Filter Bypass Cheat Sheet
Dompurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Htmlsanitizer
Cleans HTML to avoid XSS attacks
✭ 938
htmlxss
Imagejs
Small tool to package javascript into a valid image file.
Medusa
🐈Medusa是一个红队武器库平台,目前包括扫描功能(200+个漏洞)、XSS平台、协同平台、CVE监控等功能,持续开发中 http://medusa.ascotbe.com
Dalfox
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Janusec
Janusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Xss Payloads
List of advanced XSS payloads
✭ 696
xss
Latte
☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.
Injectify
Perform advanced MiTM attacks on websites with ease 💉
Xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Android Reports And Resources
A big list of Android Hackerone disclosed reports and other resources.
1-60 of 133 xss projects