Trending repositories for topic xss
A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from attacks by hackers.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
A list of resources for those interested in getting started in bug bounties
Burp Suite Certified Practitioner Exam Study
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
🔥 Repo related to my FrontendMasters course. An Advanced Web Dev Quiz that covers a wide range of the things web devs get to deal with on a daily basis.
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
An XSS exploitation command-line interface and payload generator.
Source code for Hacker101.com - a free online web and mobile security class.
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
DOM Clobbering Wiki, Browser Testing, and Payload Generation
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
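lamp-cloud is a rapid development platform for microservice-based middle- and back-office systems, built on Jdk11 + SpringCloud + SpringBoot. It focuses on multi-tenant (SaaS architecture) solutions and can also be used as a base development framework for ordinary (non-SaaS) projects. It currently implements tenant isolation schemes such as pluggable database isolation, SCHEMA isolation, and field isolation.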
A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS API
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
Wordlists of: usernames, passwords, XSS, Dorks, etc. (hackingyseguridad.com)
Dork Search, Vulnerability Scanner, SQL Injection, XSS, LFI, RFI
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that m...
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.
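🐈 Medusa is a red-team arsenal platform that currently includes an XSS platform, a collaboration platform, CVE monitoring, antivirus-evasion generation, DNSLOG, phishing email, file retrieval, and other features; under continuous development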
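A library of common .NetCore utilities (common regular expressions, common date and time methods, fast XML traversal, dynamically extensible objects, image CAPTCHA generation, Alibaba/Tencent SMS sending, email sending, Json configuration file parsing, encryption and decryption, OSS file upload, etc.; continuously being integrated...)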
Burp Suite's extension to scan and crawl Single Page Applications