cross-site-scripting

Star

Here are 125 public repositories matching this topic...

Language:All

Filter by language

All125 Python29 JavaScript17 PHP15 HTML6 C3 C#3 CSS3 TypeScript3 EJS2 Go2

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

cure53 /DOMPurify

Sponsor

Star15.5k

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

javascript svg html security dom xss mathml sanitizer dompurify cross-site-scripting prevent-xss-attacks

UpdatedJul 17, 2025
JavaScript

payloadbox /xss-payload-list

Star7.3k

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

xss xss-vulnerability xss-scanners bugbounty xss-scanner xss-exploitation xss-detection payload payloads xss-attacks xss-injection websecurity dom-based xss-poc cross-site-scripting reflected-xss-vulnerabilities website-vulnerability xss-payloads self-xss xss-payload

UpdatedJul 18, 2024

andresriancho /w3af

Star4.7k

w3af: web application attack and audit framework, the open source web vulnerability scanner.

security scanner sql-injection appsec cross-site-scripting

UpdatedFeb 22, 2023
Python

t3l3machus /toxssin

Sponsor

Star1.4k

An XSS exploitation command-line interface and payload generator.

javascript python hacking xss penetration-testing xss-vulnerability exploitation xss-exploitation web-penetration-testing cross-site-scripting pentesting-tools

UpdatedJan 19, 2025
Python

paragonie /csp-builder

Star543

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

php http security csp xss http-header content-security-policy secure-by-default easy-to-use csp-header json-configuration csp-builder cross-site-scripting

UpdatedJan 3, 2025
PHP

LewisArdern /bXSS

Star541

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

security xss infosec bugbounty blueteam cross-site-scripting bxss

UpdatedMar 4, 2023
JavaScript

rizemon /exploit-writing-for-oswe

Star503

Tips on how to write exploit scripts (faster!)

python xss python3 requests sqli sql-injection web-exploitation cross-site-scripting oswe awae oswe-prep awae-prep

UpdatedJul 15, 2024

ethicalhackingplayground /bxss

Sponsor

Star321

Blind XSS Scanner is a tool that can be used to scan for blind XSS vulnerabilities in web applications.

bugbounty blind-xss cross-site-scripting pentesting-tools

UpdatedMay 28, 2025
Go

Sharpforce /XSS-Exploitation-Tool

Star318

An XSS Exploitation Tool

xss xss-attacks cross-site-scripting

UpdatedJun 26, 2025
PHP

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

python command-line scanner injection remote xss cybersecurity rce sql-injection vulnerability vulnerability-detection vulnerability-scanners ssrf lfi sqlinjection command-injection xxe-injection cross-site-scripting remote-code-execution sql-injection-remote-code-execution-cross-site

UpdatedJun 21, 2025
Python

Stuub /Helios

Star154

Helios: Automated XSS Testing

python xss owasp cybersecurity penetration-testing cve offensive-security red-team code-execution cross-site-scripting cve-2024 stuub

UpdatedAug 3, 2024
Python

Proviesec /xss-payload-list

Star118

xss-payload-list

security xss pentesting bugbounty cross-site-scripting

UpdatedJul 25, 2024
JavaScript

moeinfatehi /xss_vulnerability_challenges

Star117

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

xss owasp penetration-testing xss-vulnerability infosec application-security pentesting xss-exploitation xss-detection xss-attacks input-validation owasp-top-10 owasp-top-ten xss-filter cross-site-scripting appsecurity

UpdatedMay 25, 2022
PHP

dipakpanchal05 /CVE-2022-23808

Star116

phpMyAdmin XSS

database exploit hacking xss owasp phpmyadmin poc vulnerability infosec pentesting bugbounty exploitation owasp-top-10 redteaming zeroday redteam cross-site-scripting

UpdatedOct 26, 2024

Damian89 /xssfinder

Star115

Toolset for detecting reflected xss in websites

xss python3 pentesting bugbounty vulnerability-detection itsecurity cross-site-scripting

UpdatedOct 7, 2018
Python

jackaduma /NLP4CyberSecurity

Star87

NLP model and tech for cyber security tasks

nlp machine-learning deep-learning text-classification cybersecurity password-strength sql-injection cyber-security nlp-machine-learning code-injection network-security phishing-attacks xss-injection command-injection cross-site-scripting malicious-url-detection phishing-detection cross-site-scripting-proof nlp-deep-learning

UpdatedMar 22, 2023
Jupyter Notebook

The404Hacking /XsSCan

Star85

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

python security scanner hacking xss scan subdomain xss-vulnerability security-scanner cross-site-scripting the404hacking xssscan

UpdatedNov 22, 2018
Python

xadhrit /xira

Star63

xss vulnerability scanner and input fuzzing tool.

python3 vulnerability-scanners web-hacking cross-site-scripting pentesting-tools

UpdatedApr 8, 2023
Python

Encryptor-Sec /XSSearch

Star59

XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for automating XSS attacks and validating XSS endpoint

linux xss python3 selenium-webdriver command-line-tool bugbounty xss-scanner xss-detection cross-site-scripting xss-payloads xss-finder reflect-xss