xss
There are 901 repositories under xss topic.
Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
s0md3v/XSStrike
Most advanced XSS scanner.
chaitin/SafeLine
A simple, lightweight, and secure WAF. Developed based on Nginx and connected as a reverse proxy. Protect your web applications from common attacks and exploits.
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
chaitin/xray
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
dromara/lamp-cloud
lamp-cloud 基于Jdk11 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
s0md3v/AwesomeXSS
Awesome XSS stuff
CHYbeta/Web-Security-Learning
Web-Security-Learning
Arachni/arachni
Web Application Security Scanner Framework
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
hahwul/dalfox
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
reddelexc/hackerone-reports
Top disclosed reports from HackerOne
microcosm-cc/bluemonday
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Ascotbe/Medusa
:cat2:Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能,持续开发中
evilcos/xssor2
XSS'OR - Hack with JavaScript.
tom0li/collection-document
Collection of quality safety articles. Awesome articles.
0xSobky/HackVault
A container repository for my public web hacks!
terjanq/Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
ssl/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
mganss/HtmlSanitizer
Cleans HTML to avoid XSS attacks
1N3/BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
v3n0m-Scanner/V3n0M-Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
AlisamTechnology/ATSCAN
Advanced dork Search & Mass Exploit Scanner
m4n3dw0lf/pythem
pentest framework
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
nemesida-waf/waf-bypass
Check your WAF before an attacker does
hahwul/XSpear
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
masatokinugawa/filterbypass
Browser's XSS Filter Bypass Cheat Sheet
epsylon/xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
nette/latte
☕ Latte: the safest & truly intuitive templates for PHP. Engine for those who want the most secure PHP sites.
pgaijin66/XSS-Payloads
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
jklmnn/imagejs
Small tool to package javascript into a valid image file.
cn-panda/JavaCodeAudit
Getting started with java code auditing 代码审计入门的小项目