"topic:xss" — Search

1,285 results for “topic:xss”

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Go20.8k1.3kUpdated 8 hours ago

api-gatewayapplication-securityappsecblueteambruteforcecaptchacvecybersecurityfirewallhackershttp-floodsecurityself-hostedsql-injectionvulnerabilitywafweb-application-firewallweb-securitywebsecurityxss

cure53/DOMPurify

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

JavaScript16.7k828Updated just now

cross-site-scriptingdomdompurifyhtmljavascriptmathmlprevent-xss-attackssanitizersecuritysvgxss

s0md3v/XSStrike

Most advanced XSS scanner.

Python14.8k2.1kUpdated 2 hours ago

waf-detectionxssxss-bruteforcexss-detectionxss-exploitxss-pythonxss-scannerxsstrike

Hacker0x01/hacker101

Source code for Hacker101.com - a free online web and mobile security class.

SCSS14.4k2.7kUpdated 10 hours ago

clickjackingcsrfeducationhacker101hackeronehackingmobile-securitysecuritysession-fixationsql-injectionunchecked-redirectsvulnerabilityweb-securityxss

nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

11.9k2.0kUpdated 1 hour ago

bug-bountybug-bounty-huntersbugbountyeducationhackershackinglearn2hackpentestssrfweb-securityxss

chaitin/xray

一款长亭自研的完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

Vue11.4k1.9kUpdated 11 hours ago

passive-vulnerability-scannerpocsecuritysqlinjectionvulnerabilityvulnerability-scannerxss

dromara/lamp-cloud

[灯灯]微服务中后台快速开发平台，支持jdk21、jdk17、jdk8，专注于多租户、开放平台解决方案，亦可作为普通项目（非SaaS架构）的基础开发框架使用，目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离等租户隔离方案。

Java5.7k1.8kUpdated 4 days ago

admincloudeurekagatewayhystrixjavajwtmybatisnacosseataspringspring-cloudspringbootspringcloudxsszuul

reddelexc/hackerone-reports

Top disclosed reports from HackerOne

Python5.4k963Updated 3 hours ago

bugbountycsrfhackeroneidorrcereportssecuritysql-injectionssrfwriteupsxssxxe

s0md3v/AwesomeXSS

Awesome XSS stuff

JavaScript5.1k776Updated 2 days ago

payloadpayload-listxssxss-cheatsheetxss-detectionxss-payloads

hahwul/dalfox

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Go4.9k515Updated 19 hours ago

bugbountybugbounty-toolcicd-pipelinedevsecopsgolanghacktoberfestsecurityvulnerabilityxssxss-bruteforcexss-detectionxss-exploitxss-scanner

CHYbeta/Web-Security-Learning

Web-Security-Learning

HTML4.3k1.0kUpdated 2 hours ago

securitysqlinjectionxss

Arachni/arachni

Web Application Security Scanner Framework

Ruby4.0k786Updated 21 hours ago

analysisarachniauditcrawlerdetectiondomhackhackingjavascriptmodularpenetration-testingrubyscannerscannerssecurity-auditsql-injectionvulnerability-detectionweb-applicationxss

foospidy/payloads

Git All the Payloads! A collection of web attack payloads.

Shell3.9k987Updated 1 day ago

appseccybersecurityhackingpasswordspayloadpayloadspentestsqliweb-attack-payloadsxss

microcosm-cc/bluemonday

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

Go3.6k195Updated 1 day ago

allowlistgogolanghtmlowaspsanitizationsecurityxss

terjanq/Tiny-XSS-Payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

JavaScript2.3k216Updated 1 day ago

bugbountyctfhtmljavascriptpayloadsxss

ssl/ezXSS

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

PHP2.2k378Updated 13 hours ago

alertblindblind-xssbugbugbountyeasyeasy-to-usepayloadpenetration-testingphpredteamredteamingtestxssxss-attacksxss-detectionxss-exploitationxss-injectionxss-scannerxss-vulnerability

Ascotbe/Medusa

:cat2:Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中

Python2.2k343Updated 6 hours ago

cobaltstrikecvednslogemailexpmailmedusametasploit-frameworkpayloadpocreadteamvirusxss

evilcos/xssor2

XSS'OR - Hack with JavaScript.

JavaScript2.2k381Updated 3 days ago

csrfencodinghackhacking-toolpentestpentest-toolprobexss

tom0li/collection-document

Collection of quality safety articles. Awesome articles.

2.1k512Updated 1 day ago

awesomebounty-huntersbug-bountyclouddnsfuzzgithubhackerhackingjavalistpentestredteamresearchsecsecuritysrcwafwebxss

0xSobky/HackVault

A container repository for my public web hacks!

JavaScript2.0k274Updated 1 week ago

exploitfuzzingpayloadspentestingreconnaissanceregextrackingweb-securityxss

1N3/BlackWidow

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Python1.8k390Updated 4 days ago

activeapplicationautomatedbugbountycsrffuzzerlfiosintowasppassivepythonrcerfiscanscannerspidersqlivulnerabilitywebxss

mganss/HtmlSanitizer

Cleans HTML to avoid XSS attacks

C#1.7k222Updated 1 week ago

htmlsanitizerxss

B3nac/Android-Reports-and-Resources

A big list of Android Hackerone disclosed reports and other resources.

1.7k327Updated 1 day ago

androidandroid-repoandroid-resourceandroid-securitybugbountybypasshackeroneinfosecinsecure-data-storageintercept-broadcastssteal-fileswebviewxss

Safe3/uusec-waf

Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.

Lua1.6k159Updated 5 hours ago

api-gatewayapi-securityapplication-securitydata-maskddoshipsletsencryptmodsecurityowaspraspsecuritysql-injectionuusecuusec-wafuuwafwaapwafweb-application-firewallweb-security-gatewayxss

v3n0m-Scanner/V3n0M-Scanner

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Python1.6k420Updated 3 days ago

aiohttpasyncioblackarchcloudflared0rkdnsexploitftphackinglfimetasploitpentestingpython3scannersqlitoxintrawlingvulnerabilityvulnerability-scannersxss

AlisamTechnology/ATSCAN

Advanced dork Search & Mass Exploit Scanner

Perl1.6k359Updated 3 days ago

datadorkengineexploitationlfilinuxmass-exploitation-scannerportsportscanrfiscannersecurityservershellsqlisystemtoolsvulnerability-scannersweb-applicationxss

nemesida-waf/waf-bypass

Check your WAF before an attacker does

Python1.5k184Updated 5 hours ago

api-security-testingbypassgraphql-injectionlfinosql-injectionpath-traversalpythonpython3rcerfisqli-injectionsstiwafwaf-bypass-toolwaf-testingxss

epsylon/xsser

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

Python1.4k264Updated 8 hours ago

exploitingpentestingtoolkitxssxsser

t3l3machus/toxssin

An XSS exploitation command-line interface and payload generator.

Python1.4k195Updated 2 days ago

cross-site-scriptingexploitationhackingjavascriptpenetration-testingpentesting-toolspythonweb-penetration-testingxssxss-exploitationxss-vulnerability

hahwul/XSpearArchived

🔱 Powerfull XSS Scanning and Parameter analysis tool&gem

Ruby1.4k243Updated 1 day ago

bugbountybugbountytipsgemhackinglibrarypentestrubyscannerscanning-xssseleniumtoolwebhackingxss

Page 1 of 34