140 Open source projects that are alternatives of or similar to html-sanitizer

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

⏳ Provide filtering, sanitizing, and conversion of Golang data. 提供对Golang数据的过滤，净化，转换。

Java web and command line applications demonstrating various security topics

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

A list of useful payloads for Web Application Security and Pentest/CTF

Ruby HTML and CSS sanitizer.

WAScan - Web Application Scanner

Vaf is a cross-platform very advanced and fast web fuzzer written in nim

An XSS reverse shell framework

Based on native Python module HTMLParser purifier of HTML, To Clear all javascript in html

XSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.

Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

A Python library to sanitize/validate a string such as filenames/file-paths/etc.

The Serverless Blind XSS App

Make XSS Great Again

JSshell - JavaScript reverse/remote shell

[Go] Package of validators and sanitizers for strings, numerics, slices and structs

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Minimalist cheat sheet for developpers to write secure code

Cross-site scripting labs for web application security enthusiasts

Strips boilerplate from Project Gutenberg text files

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Prevents XSS by figuring out how to escape untrusted values in templates

Ary 是一个集成类工具，主要用于调用各种安全工具，从而形成便捷的一键式渗透。

A container repository for my public web hacks!

Hacking tools

🖤 网络安全与渗透测试工具导航

Proof of Concept code for CVE-2015-0345 (APSB15-07)

Automated client-side template injection (sandbox escape/bypass) detection for AngularJS.

Toolset for detecting reflected xss in websites

👨‍🏫 Mike's Web Security Course

Extraction of iMessage Data via XSS

利用XSS入侵内网(Use XSS automation Invade intranet)

A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

Most advanced XSS scanner.

XSS'OR - Hack with JavaScript.

Pretty vulnerable flask app..

Source code for Hacker101.com - a free online web and mobile security class.

String validation

Audit tool to find common vulnerabilities in PHP source code

XSS Payload without Anything.

Hooks in to interesting functions and helps reverse the web app faster.

Validate, sanitize and transform values with proper TypeScript types and zero dependencies.

Automating XSS using Bash

Filter user input for XSS but don't touch other html

A tool to check a bunch of URLs that contain reflecting params.

📐 Validation and unit conversion errors in TypeScript at compile-time. Started in 2016.

解析VIP资源，解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址

XSS HTTP Inject0r is a proof of concept tool that shows how XSS (Cross Site Scripting) flags can be exploited easily. It is written in HTML + Javascript + PHP and released under GPLv3.

Collection of quality safety articles. Awesome articles.

Cure53 Browser Security White Paper

A jQuery augmented PHP library for creating secure HTML forms, and validating them easily

Small but effective wordlist for brute-forcing and discovering hidden things.

Git All the Payloads! A collection of web attack payloads.

Safe replacement for the v-html directive

rewrite constructor arguments, call DOMPurify, profit

In progress rough solutions to bWAPP / bee-box

CloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.