Project Name	Stars	Most Recent Commit	Open Issues	License	Language
Hacker101	13,234	4 months ago	23	other	SCSS
Source code for Hacker101.com - a free online web and mobile security class.
Awesome Web Security	10,364	3 months ago	34
🐶 A curated list of Web Security materials and resources.
Resources For Beginner Bug Bounty Hunters	10,013	3 months ago	40
A list of resources for those interested in getting started in bug bounties
Safeline	7,795	3 months ago	174	other	C++
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。
Xss Payload List	5,533	4 months ago	3	mit
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Awesome Web Hacking	5,260	3 months ago	2	mit
A list of web application security
Cerberus	246	4 years ago	5		Python
一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产进行批量漏洞扫描，中间件信息收集，自动收集ip代理，探测Waf信息时自动使用来保护本机真实Ip，在本机Ip被Waf杀死后，自动切换代理Ip进行扫描，Waf信息收集(国内外100+款waf信息)包括安全狗，云锁，阿里云，云盾，腾讯云等，提供部分已知waf bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能
Web Security Fundamentals	245	9 months ago	39	bsd-3-clause	JavaScript
Mike North's Web Security Course
Domxssscanner	175	5 years ago	4		HTML
DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities
Shuriken	130	7 months ago		mit	Python
Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

Alternatives To Xss Payload List

Select To Compare

Hacker101 ⭐ 13,234

Source code for Hacker101.com - a free online web and mobile security class.

most recent commit 4 months ago

Awesome Web Security ⭐ 10,364

🐶 A curated list of Web Security materials and resources.

most recent commit 3 months ago

Resources For Beginner Bug Bounty Hunters ⭐ 10,013

A list of resources for those interested in getting started in bug bounties

most recent commit 3 months ago

Safeline ⭐ 7,795

一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术，作为反向代理接入，保护你的网站不受黑客攻击。

most recent commit 3 months ago

Xss Payload List ⭐ 5,533

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

most recent commit 4 months ago

Awesome Web Hacking ⭐ 5,260

A list of web application security

most recent commit 3 months ago

Cerberus ⭐ 246

一款功能强大的漏洞扫描器，子域名爆破使用aioDNS，asyncio异步快速扫描，覆盖目标全方位资产 bypass 方案，中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)，支持SQ XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能

most recent commit 4 years ago

Web Security Fundamentals ⭐ 245

Mike North's Web Security Course

most recent commit 9 months ago

Domxssscanner ⭐ 175

DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities

most recent commit 5 years ago

Shuriken ⭐ 130

Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.

most recent commit 7 months ago

Suggest An Alternative To xss-payload-list

Alternative Project Comparisons

Xss Payload List vs Hacker101

Xss Payload List vs Awesome Web Security

Xss Payload List vs Resources For Beginner Bug Bounty Hunters

Xss Payload List vs Safeline

Xss Payload List vs Awesome Web Hacking

Xss Payload List vs Cerberus

Xss Payload List vs Web Security Fundamentals

Xss Payload List vs Domxssscanner

Xss Payload List vs Shuriken

Popular Xss Projects

Hackingtool ⭐ 40,968

ALL IN ONE Hacking Tool For Hackers

most recent commit 5 months ago

Dompurify ⭐ 12,619

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

dependent packages 1,678total releases 99latest release September 28, 2023most recent commit a month ago

Xsstrike ⭐ 12,619

Most advanced XSS scanner.

most recent commit a month ago

Jsoup ⭐ 10,463

jsoup: the Java HTML parser, built for HTML editing, cleaning, scraping, and XSS safety.

dependent packages 1,763total releases 44latest release November 27, 2023most recent commit 3 months ago

Xray ⭐ 9,132

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

most recent commit 5 months ago

Popular Web Application Security Projects

Mobile Security Framework Mobsf ⭐ 16,123

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

total releases 13latest release August 28, 2023most recent commit a month ago

Wstg ⭐ 6,220

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

most recent commit 4 months ago

Sql Injection Payload List ⭐ 3,966

🎯 SQL Injection Payload List

most recent commit 4 months ago

Bunkerweb ⭐ 3,410

🛡️ Make your web services secure by default !

total releases 14latest release October 30, 2023most recent commit 14 days ago

Awesome Cve Poc ⭐ 2,816

✍️ A curated list of CVE PoCs.

most recent commit 2 years ago

Popular Security Categories