Xss Payload List🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Stars: ✭ 2,617 (+4491.23%)
xss-chefA web application for generating custom XSS payloads
Stars: ✭ 70 (+22.81%)
Parsevip解析VIP资源,解析出酷狗、QQ音乐、腾讯视频、人人视频的真实地址
Stars: ✭ 105 (+84.21%)
QuickxssAutomating XSS using Bash
Stars: ✭ 113 (+98.25%)
BerserkerA list of useful payloads for Web Application Security and Pentest/CTF
Stars: ✭ 212 (+271.93%)
XsshellAn XSS reverse shell framework
Stars: ✭ 251 (+340.35%)
Zebra formA jQuery augmented PHP library for creating secure HTML forms, and validating them easily
Stars: ✭ 95 (+66.67%)
JavasecurityJava web and command line applications demonstrating various security topics
Stars: ✭ 182 (+219.3%)
EzxssezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Stars: ✭ 1,022 (+1692.98%)
HookishHooks in to interesting functions and helps reverse the web app faster.
Stars: ✭ 129 (+126.32%)
Xss LoaderXss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Stars: ✭ 215 (+277.19%)
GxssA tool to check a bunch of URLs that contain reflecting params.
Stars: ✭ 115 (+101.75%)
Collection DocumentCollection of quality safety articles. Awesome articles.
Stars: ✭ 1,387 (+2333.33%)
XlessThe Serverless Blind XSS App
Stars: ✭ 191 (+235.09%)
XsstrikeMost advanced XSS scanner.
Stars: ✭ 9,822 (+17131.58%)
dnmpdocker-compose部署LNMP环境 Nginx/Openresty、MySQL(5.7、8.0、8.1)、PHP7.4(8.0、5.6)、Redis5.0、PHPMyAdmin、Xdebug、RabbitMQ、Nacos
Stars: ✭ 138 (+142.11%)
Pythempentest framework
Stars: ✭ 1,060 (+1759.65%)
JsshellJSshell - JavaScript reverse/remote shell
Stars: ✭ 167 (+192.98%)
AryAry 是一个集成类工具,主要用于调用各种安全工具,从而形成便捷的一键式渗透。
Stars: ✭ 241 (+322.81%)
Express Securitynodejs + express security and performance boilerplate.
Stars: ✭ 37 (-35.09%)
WascanWAScan - Web Application Scanner
Stars: ✭ 1,895 (+3224.56%)
BlackwidowA Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Stars: ✭ 887 (+1456.14%)
V3n0m ScannerPopular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+1385.96%)
XssmapXSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具
Stars: ✭ 134 (+135.09%)
Secbox🖤 网络安全与渗透测试工具导航
Stars: ✭ 222 (+289.47%)
0l4bsCross-site scripting labs for web application security enthusiasts
Stars: ✭ 119 (+108.77%)
cdCloudDefense.ai is an automated web application security testing tool that audits your web applications by checking for vulnerabilities like SQL Injection, Cross-site scripting and other exploitable vulnerabilities.
Stars: ✭ 33 (-42.11%)
Python Xss FilterBased on native Python module HTMLParser purifier of HTML, To Clear all javascript in html
Stars: ✭ 115 (+101.75%)
Angularjs Csti ScannerAutomated client-side template injection (sandbox escape/bypass) detection for AngularJS.
Stars: ✭ 214 (+275.44%)
ShurikenCross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (+100%)
XsscopeXSScope is one of the most powerful and advanced GUI Framework for Modern Browser exploitation via XSS.
Stars: ✭ 103 (+80.7%)
HackvaultA container repository for my public web hacks!
Stars: ✭ 1,364 (+2292.98%)
cve-2016-1764Extraction of iMessage Data via XSS
Stars: ✭ 52 (-8.77%)
Webrtcxss利用XSS入侵内网(Use XSS automation Invade intranet)
Stars: ✭ 190 (+233.33%)
SourcecodesnifferThe Source Code Sniffer is a poor man’s static code analysis tool (SCA) that leverages regular expressions. Designed to highlight high risk functions (Injection, LFI/RFI, file uploads etc) across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc) in a highly configurable manner.
Stars: ✭ 87 (+52.63%)
vafVaf is a cross-platform very advanced and fast web fuzzer written in nim
Stars: ✭ 294 (+415.79%)
SqlinatorAutomatically forward HTTP GET & POST requests to SQLMap's API to test for SQLi and XSS
Stars: ✭ 70 (+22.81%)
GodnslogAn exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Stars: ✭ 172 (+201.75%)
XwafxWAF 3.0 - Free Web Application Firewall, Open-Source.
Stars: ✭ 48 (-15.79%)
ReconftwreconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+1608.77%)
Xssor2XSS'OR - Hack with JavaScript.
Stars: ✭ 1,969 (+3354.39%)
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Stars: ✭ 975 (+1610.53%)
FilterbypassBrowser's XSS Filter Bypass Cheat Sheet
Stars: ✭ 884 (+1450.88%)
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
Stars: ✭ 12,246 (+21384.21%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+4921.05%)
DompurifyDOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Stars: ✭ 8,177 (+14245.61%)
HtmlsanitizerCleans HTML to avoid XSS attacks
Stars: ✭ 938 (+1545.61%)
ImagejsSmall tool to package javascript into a valid image file.
Stars: ✭ 828 (+1352.63%)
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Stars: ✭ 2,135 (+3645.61%)
flask-vulnPretty vulnerable flask app..
Stars: ✭ 23 (-59.65%)
laravel-xss-filterFilter user input for XSS but don't touch other html
Stars: ✭ 38 (-33.33%)
Wordlist404Small but effective wordlist for brute-forcing and discovering hidden things.
Stars: ✭ 101 (+77.19%)