Topic: xss Goto Github

👇 Here are 908 public repositories matching this topic...

0xsobky / hackvault
xss,A container repository for my public web hacks!
User: 0xsobky
payloads web-security pentesting tracking fuzzing regex reconnaissance xss exploit

1n3 / blackwidow
xss,A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
User: 1n3
Home Page: https://sn1persecurity.com
active application automated bugbounty csrf fuzzer lfi osint owasp passive python rce rfi scan scanner spider sqli vulnerability web xss

alisamtechnology / atscan
xss,Advanced dork Search & Mass Exploit Scanner
User: alisamtechnology
dork server engine scanner xss lfi rfi ports exploitation sqli

arachni / arachni
xss,Web Application Security Scanner Framework
Organization: arachni
Home Page: http://www.arachni-scanner.com
arachni dom ruby audit detection security-audit analysis modular javascript scanners web-application vulnerability-detection crawler scanner hack hacking penetration-testing xss sql-injection

ascotbe / medusa
xss,:cat2:Medusa是一个红队武器库平台，目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLOG、钓鱼邮件、文件获取等功能，持续开发中
User: ascotbe
Home Page: http://medusa.ascotbe.com
poc exp payload medusa cve xss readteam dnslog virus email

b3nac / android-reports-and-resources
xss,A big list of Android Hackerone disclosed reports and other resources.
User: b3nac
android hackerone android-repo android-security android-resource bugbounty infosec xss steal-files bypass

baroshem / nuxt-security
xss,🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
User: baroshem
Home Page: https://nuxt-security.vercel.app/
module nuxt owasp security vue basic-authentication cors rate-limiting xss csrf

botesjuan / burp-suite-certified-practitioner-exam-study
xss,Burp Suite Certified Practitioner Exam Study
User: botesjuan
payload pentesting vulnerability xss bscp burp portswigger

chaitin / safeline
xss,serve as a reverse proxy to protect your web services from attacks and exploits.
Organization: chaitin
Home Page: https://waf.chaitin.com
api-gateway application-security appsec blueteam bruteforce captcha cve cybersecurity firewall hackers http-flood security self-hosted sql-injection vulnerability waf web-application-firewall web-security websecurity xss

chaitin / xray
xss,一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Organization: chaitin
Home Page: https://docs.xray.cool
passive-vulnerability-scanner poc security sqlinjection vulnerability vulnerability-scanner xss

chybeta / web-security-learning
xss,Web-Security-Learning
User: chybeta
Home Page: https://chybeta.github.io/2017/08/19/Web-Security-Learning/
security sqlinjection xss

cn-panda / javacodeaudit
xss,Getting started with java code auditing 代码审计入门的小项目
User: cn-panda
Home Page: https://www.cnpanda.net
vulnerability-analysis ssrf java rce fastjson jackson xss sql code weblogic

cure53 / dompurify
xss,DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
User: cure53
Home Page: https://cure53.de/purify
cross-site-scripting dom dompurify html javascript mathml prevent-xss-attacks sanitizer security svg xss

dromara / lamp-cloud
xss,lamp-cloud 基于jdk21、jdk17、jdk11、jdk8 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台，专注于多租户(SaaS架构)解决方案，亦可作为普通项目（非SaaS架构）的基础开发框架使用，目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
Organization: dromara
Home Page: http://tangyh.top
springcloud springboot eureka zuul spring spring-cloud nacos seata gateway xss

dwisiswant0 / findom-xss
xss,A fast DOM based XSS vulnerability scanner with simplicity.
User: dwisiswant0
bugbounty bugbountytips xss xss-scanner pentest pentesting findom-xss

epsylon / xsser
xss,Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
User: epsylon
Home Page: https://xsser.03c8.net
xsser pentesting toolkit xss exploiting

evilcos / xssor2
xss,XSS'OR - Hack with JavaScript.
User: evilcos
probe pentest-tool xss csrf encoding hacking-tool pentest hack

foospidy / payloads
xss,Git All the Payloads! A collection of web attack payloads.
User: foospidy
payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity

hackademix / noscript
xss,The popular NoScript Security Suite browser extension.
User: hackademix
Home Page: https://noscript.net/
noscript xss spectre trust meltdown

hacker0x01 / hacker101
xss,Source code for Hacker101.com - a free online web and mobile security class.
Organization: hacker0x01
Home Page: https://www.hacker101.com
education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation

hahwul / dalfox
xss,🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
User: hahwul
Home Page: https://dalfox.hahwul.com
xss security bugbounty bugbounty-tool golang xss-scanner devsecops cicd-pipeline vulnerability xss-detection

hahwul / xspear
xss,🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
User: hahwul
xss hacking bugbounty pentest scanner tool gem ruby library scanning-xss

hannoch / scaner
xss,扫描器是来自GitHub平台的开源扫描器的集合，包括子域枚举、数据库漏洞扫描器、弱密码或信息泄漏扫描器、端口扫描器、指纹扫描器以及其他大规模扫描仪、模块扫描器等。对于其他著名的扫描工具，如：awvs、nmap，w3af将不包含在集合范围内。
User: hannoch
port-scan domain-scanning fingerprint-scanning xss-scanner xss collection-tool hacktools

jklmnn / imagejs
xss,Small tool to package javascript into a valid image file.
User: jklmnn
injection xss

knassar702 / scant3r
xss,ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
User: knassar702
Home Page: https://scant3r.knas.me/
bugbounty module-pattern pentesting security-tools web-scanners xss bug-bounty infosec penetration-testing

m4n3dw0lf / pythem
xss,pentest framework
User: m4n3dw0lf
pentest sniffer brute-force man-in-the-middle scanner xss proxy spoof denial-of-service exploit

masatokinugawa / filterbypass
xss,Browser's XSS Filter Bypass Cheat Sheet
User: masatokinugawa
cheatsheet pentest security xss

metnew / uxss-db
xss,🔪Browser logic vulnerabilities :skull_and_crossbones:
User: metnew
Home Page: https://uxss-db.now.sh/
browser cve javascript security vulnerability xss

mganss / htmlsanitizer
xss,Cleans HTML to avoid XSS attacks
User: mganss
xss html sanitizer

microcosm-cc / bluemonday
xss,bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Organization: microcosm-cc
Home Page: https://github.com/microcosm-cc/bluemonday
sanitization html security xss go owasp allowlist golang

nahamsec / resources-for-beginner-bug-bounty-hunters
xss,A list of resources for those interested in getting started in bug bounties
User: nahamsec
bug-bounty-hunters hackers xss bug-bounty learn2hack hacking pentest web-security education ssrf

nelmio / nelmiosecuritybundle
xss,Adds extra security-related features in your Symfony application
Organization: nelmio
Home Page: https://symfony.com/bundles/NelmioSecurityBundle/
bundle csp hsts https php security symfony xss

nemesida-waf / waf-bypass
xss,Check your WAF before an attacker does
Organization: nemesida-waf
Home Page: https://nemesida-waf.com
waf python3 bypass python rce xss waf-bypass-tool api-security-testing lfi nosql-injection

nette / latte
xss,☕ Latte: the safest & truly intuitive templates for PHP. Engine for those who want the most secure PHP sites.
Organization: nette
Home Page: https://latte.nette.org
content-aware html latte nette nette-framework php safety security security-hole template-engine xss

payloadbox / xss-payload-list
xss,🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Organization: payloadbox
Home Page: https://ismailtasdelen.medium.com
xss xss-payloads xss-vulnerability xss-exploitation xss-detection xss-attacks xss-scanner xss-injection xss-poc xss-scanners

pgaijin66 / xss-payloads
xss,This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
User: pgaijin66
xss xss-payloads advanced-xss

reddelexc / hackerone-reports
xss,Top disclosed reports from HackerOne
User: reddelexc
writeups hackerone bugbounty reports xss xxe sql-injection csrf idor rce

s0md3v / awesomexss
xss,Awesome XSS stuff
User: s0md3v
xss payload xss-payloads payload-list xss-detection xss-cheatsheet

s0md3v / xsstrike
xss,Most advanced XSS scanner.
User: s0md3v
xss xss-scanner xss-exploit xss-bruteforce xss-python xss-detection xsstrike waf-detection

samdenty / injectify
xss,Perform advanced MiTM attacks on websites with ease 💉
User: samdenty
Home Page: https://injectify.js.org
mitm xss console-replication typescript nodejs modular reactjs redux webpack github-oauth mongodb

security-prince / application-security-engineer-interview-questions
xss,Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
User: security-prince
security-engineer-interview webappsec appsec devsecops infosec application-security vulnerability sdlc xss interview-questions

ssl / ezxss
xss,ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
User: ssl
Home Page: https://ezxss.com
payload xss blind php test xss-vulnerability xss-exploitation xss-detection xss-attacks xss-injection xss-scanner blind-xss easy-to-use easy bug bugbounty penetration-testing alert redteam redteaming

t3l3machus / toxssin
xss,An XSS exploitation command-line interface and payload generator.
User: t3l3machus
cross-site-scripting exploitation javascript penetration-testing pentesting-tools python web-penetration-testing xss-exploitation xss-vulnerability hacking xss

terjanq / tiny-xss-payloads
xss,A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
User: terjanq
Home Page: https://tinyxss.terjanq.me/
xss javascript html ctf bugbounty payloads

thekingofduck / easyxsspayload
xss,XssPayload List . Usage:
User: thekingofduck
Home Page: https://xz.aliyun.com/t/4985
xss xsspayload xss-poc xss-vulnerability xss-injection

tom0li / collection-document
xss,Collection of quality safety articles. Awesome articles.
User: tom0li
Home Page: https://tom0li.github.io/
dns pentest list security sec hacking src bug-bounty fuzz xss

v3n0m-scanner / v3n0m-scanner
xss,Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Organization: v3n0m-scanner
python3 asyncio lfi sqli xss scanner metasploit blackarch cloudflare hacking

voku / anti-xss
xss,㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
User: voku
php xss xss-attacks html-character composer hacktoberfest

wuba / antenna
xss,Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工具。其基于带外应用安全测试(OAST)通过任务的形式，将不同漏洞场景检测能力通过插件的形式进行集合，通过与目标进行out-bind的数据通信方式进行辅助检测。
Organization: wuba
Home Page: http://blog.antenna.cool
oast antenna ftp http jsonp ldap mysql rmi xss django

yagamiilight / cerberus
xss,一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
User: yagamiilight
bypass hacking-tool middleware penetration-testing proxy python security-tools sql-injection ssrf waf websecurity xss