
FinDOM-XSS is a tool that lets you quickly find possible/potential DOM-based XSS vulnerabilities.



$ git clone --recurse-submodules

Dependencies: LinkFinder


To run the tool on a target, just use the following command.

$ ./ https://domain.tld/about-us.html

This will run the tool against domain.tld.

URLs can also be piped to findom-xss to scan them. For example:

$ cat urls.txt | ./

The second argument can be used to specify an output file.

$ ./ https://domain.tld/about-us.html /path/to/output.txt

By default, output is stored in the results/ directory of the repository, in a file named domain.tld.txt.


FinDOM-XSS is licensed under the Apache license. Take a look at the LICENSE file for more information.

