DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
Tips on how to write exploit scripts (faster!)
Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Helios: Automated XSS Testing
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
Toolset for detecting reflected xss in websites
XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]
xss vulnerability scanner and input fuzzing tool.
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.
Simple machine learning based web application firewall (WAF) created in python
JSSCM detects expired domains for Stored XSS exploitation during browsing.
Simple API for storing all incoming XSS requests and various XSS templates.
Deep Security's APIs make it simple to integration with a variety of AWS Services
XSSRecon - Reflected XSS Scanner
Add a description, image, and links to the cross-site-scripting topic page so that developers can more easily learn about it.
To associate your repository with the cross-site-scripting topic, visit your repo's landing page and select "manage topics."