Trending repositories for topic xss
serve as a reverse proxy to protect your web services from attacks and exploits.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
A list of resources for those interested in getting started in bug bounties
Source code for Hacker101.com - a free online web and mobile security class.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
Burp Suite Certified Practitioner Exam Study
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
serve as a reverse proxy to protect your web services from attacks and exploits.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
Burp Suite Certified Practitioner Exam Study
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
An XSS exploitation command-line interface and payload generator.
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
A list of resources for those interested in getting started in bug bounties
Source code for Hacker101.com - a free online web and mobile security class.
serve as a reverse proxy to protect your web services from attacks and exploits.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
A list of resources for those interested in getting started in bug bounties
Source code for Hacker101.com - a free online web and mobile security class.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
lamp-cloud 支持jdk21、jdk17、jdk11、jdk8,ta基于 SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
serve as a reverse proxy to protect your web services from attacks and exploits.
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
A fast DOM based XSS vulnerability scanner with simplicity.
serve as a reverse proxy to protect your web services from attacks and exploits.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
A list of resources for those interested in getting started in bug bounties
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A big list of Android Hackerone disclosed reports and other resources.
Source code for Hacker101.com - a free online web and mobile security class.
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
An XSS exploitation command-line interface and payload generator.
lamp-cloud 支持jdk21、jdk17、jdk11、jdk8,ta基于 SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
🔥 Repo related to my FrontendMasters course. An Advanced Web Dev Quiz that covers a wide range of the things web devs get to deal with on a daily basis.
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
Dork Search , Vulnerability Scanner ,SQL Injection , XSS , LFI ,RFI
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML conte...
serve as a reverse proxy to protect your web services from attacks and exploits.
XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
libinjection is a Golang port of the libinjection(https://github.com/client9/libinjection)
Tests URLs for Local File Inclusion (LFI), Remote File Inclusion (RFI), SQL injection (SQLi), and Cross Site Scripting (XSS), Server Side Template Injection (SSTI), and Open Redirects.
🔥 Repo related to my FrontendMasters course. An Advanced Web Dev Quiz that covers a wide range of the things web devs get to deal with on a daily basis.
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.
A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
A big list of Android Hackerone disclosed reports and other resources.
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS API
INE/eLearnSecurity Web Application Penetration Tester (eWPTv2) Notes
serve as a reverse proxy to protect your web services from attacks and exploits.
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
A list of resources for those interested in getting started in bug bounties
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Source code for Hacker101.com - a free online web and mobile security class.
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
lamp-cloud 支持jdk21、jdk17、jdk11、jdk8,ta基于 SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架构)的基础开发框架使用,目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。
🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
Burp Suite Certified Practitioner Exam Study
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist
Google Dork List - Uncover the Hidden Gems of the Internet ( There are at least 320+ categories )
A powerful bash script for massive XSS scanning leveraging Brute Logic's KNOXSS API
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML conte...
A powerful asynchronous XSS scanner supporting up to 1,500 concurrent requests.
Beyond XSS: Explore the Web Front-end Security Universe. A series about front-end security
[V5] This will help you setup a grabber with the following features: History, Passwords, Tokens, Cookies, Emails, IP Adresses, Roblox Login Information, Windows Keys, Computer Information.
List of every possible vulnerabilities in computer security.
serve as a reverse proxy to protect your web services from attacks and exploits.
🔥 Repo related to my FrontendMasters course. An Advanced Web Dev Quiz that covers a wide range of the things web devs get to deal with on a daily basis.
Diccionarios de: usuarios, passwords, XSS, Dorks, etc .. ( hackingyseguridad.com )
functions to exploit common web application vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), Server-Side Request Forgery (SSRF), and Path Traversal.