cross-site-scripting

Star

Here are 139 public repositories matching this topic...

Language:All

Filter by language

All139 Python33 JavaScript17 PHP15 HTML6 C3 C#3 CSS3 Shell3 TypeScript3 EJS2

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

cure53 /DOMPurify

Sponsor

Star16.4k

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

javascript svg html security dom xss mathml sanitizer dompurify cross-site-scripting prevent-xss-attacks

UpdatedDec 8, 2025
JavaScript

payloadbox /xss-payload-list

Star7.8k

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

xss xss-vulnerability xss-scanners bugbounty xss-scanner xss-exploitation xss-detection payload payloads xss-attacks xss-injection websecurity dom-based xss-poc cross-site-scripting reflected-xss-vulnerabilities website-vulnerability xss-payloads self-xss xss-payload

UpdatedJul 18, 2024

andresriancho /w3af

Star4.8k

w3af: web application attack and audit framework, the open source web vulnerability scanner.

security scanner sql-injection appsec cross-site-scripting

UpdatedFeb 22, 2023
Python

t3l3machus /toxssin

Sponsor

Star1.4k

An XSS exploitation command-line interface and payload generator.

javascript python hacking xss penetration-testing xss-vulnerability exploitation xss-exploitation web-penetration-testing cross-site-scripting pentesting-tools

UpdatedJan 19, 2025
Python

LewisArdern /bXSS

Star560

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

security xss infosec bugbounty blueteam cross-site-scripting bxss

UpdatedMar 4, 2023
JavaScript

paragonie /csp-builder

Star541

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

php http security csp xss http-header content-security-policy secure-by-default easy-to-use csp-header json-configuration csp-builder cross-site-scripting

UpdatedJan 3, 2025
PHP

rizemon /exploit-writing-for-oswe

Star534

Tips on how to write exploit scripts (faster!)

python xss python3 requests sqli sql-injection web-exploitation cross-site-scripting oswe awae oswe-prep awae-prep

UpdatedJul 15, 2024

ethicalhackingplayground /bxss

Sponsor

Star373

Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.

bugbounty blind-xss cross-site-scripting pentesting-tools

UpdatedMay 28, 2025
Go

Sharpforce /XSS-Exploitation-Tool

Star331

An XSS Exploitation Tool

xss xss-attacks cross-site-scripting

UpdatedDec 5, 2025
PHP

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

python command-line scanner injection remote xss cybersecurity rce sql-injection vulnerability vulnerability-detection vulnerability-scanners ssrf lfi sqlinjection command-injection xxe-injection cross-site-scripting remote-code-execution sql-injection-remote-code-execution-cross-site

UpdatedDec 10, 2025
Python

Stuub /Helios

Star159

Helios: Automated XSS Testing

python xss owasp cybersecurity penetration-testing cve offensive-security red-team code-execution cross-site-scripting cve-2024 stuub

UpdatedAug 3, 2024
Python

Proviesec /xss-payload-list

Star126

xss-payload-list

security xss pentesting bugbounty cross-site-scripting

UpdatedJul 25, 2024
JavaScript

moeinfatehi /xss_vulnerability_challenges

Star118

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

xss owasp penetration-testing xss-vulnerability infosec application-security pentesting xss-exploitation xss-detection xss-attacks input-validation owasp-top-10 owasp-top-ten xss-filter cross-site-scripting appsecurity

UpdatedMay 25, 2022
PHP

dipakpanchal05 /CVE-2022-23808

Star113

phpMyAdmin XSS

database exploit hacking xss owasp phpmyadmin poc vulnerability infosec pentesting bugbounty exploitation owasp-top-10 redteaming zeroday redteam cross-site-scripting

UpdatedOct 26, 2024

Damian89 /xssfinder

Star113

Toolset for detecting reflected xss in websites

xss python3 pentesting bugbounty vulnerability-detection itsecurity cross-site-scripting

UpdatedOct 7, 2018
Python

jackaduma /NLP4CyberSecurity

Star87

NLP model and tech for cyber security tasks

nlp machine-learning deep-learning text-classification cybersecurity password-strength sql-injection cyber-security nlp-machine-learning code-injection network-security phishing-attacks xss-injection command-injection cross-site-scripting malicious-url-detection phishing-detection cross-site-scripting-proof nlp-deep-learning

UpdatedMar 22, 2023
Jupyter Notebook

The404Hacking /XsSCan

Star86

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

python security scanner hacking xss scan subdomain xss-vulnerability security-scanner cross-site-scripting the404hacking xssscan

UpdatedNov 22, 2018
Python

MrPr0fessor /Google-Dorks-for-Cross-site-Scripting-XSS

Star64

Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.

xss xss-vulnerability cyber vulnerability-detection cyber-security vulnerability-scanners vulnerability-assessment google-dorks web-penetration-testing web-application-security cross-site-scripting xss-payloads xss-payload penetration-testing-tools ethical-hacking-tools find-xss