DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Updated Aug 16, 2025 - JavaScript
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
w3af: web application attack and audit framework, the open source web vulnerability scanner.
An XSS exploitation command-line interface and payload generator.
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
Tips on how to write exploit scripts (faster!)
Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.
Egyscan: the best web vulnerability scanner. It's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
Helios: Automated XSS Testing
xss-payload-list
This repository is a Docker containing some "XSS vulnerability" challenges and bypass examples.
phpMyAdmin XSS
Toolset for detecting reflected XSS in websites
NLP model and tech for cyber security tasks
XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]
XSS vulnerability scanner and input fuzzing tool.
XSSearch is a comprehensive reflected XSS tool built on the Selenium framework in Python. It contains more than 3000 payloads for automating XSS attacks and validating XSS endpoints.
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.