Awesome Open Source
Search
Programming Languages
Languages
All Categories
Categories
About
Search results for xss
xss
x
869 search results found
Hackingtool
⭐
40,968
ALL IN ONE Hacking Tool For Hackers
Hacker101
⭐
13,234
Source code for Hacker101.com - a free online web and mobile security class.
Xsstrike
⭐
12,689
Most advanced XSS scanner.
Dompurify
⭐
12,619
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
Jsoup
⭐
10,463
jsoup: the Java HTML parser, built for HTML editing, cleaning, scraping, and XSS safety.
Awesome Web Security
⭐
10,364
🐶 A curated list of Web Security materials and resources.
Resources For Beginner Bug Bounty Hunters
⭐
10,013
A list of resources for those interested in getting started in bug bounties
Xray
⭐
9,132
一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档
Safeline
⭐
7,795
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。
Xss Payload List
⭐
5,533
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
Lamp Cloud
⭐
5,309
lamp-cloud 基于Jdk11 + SpringCloud + SpringBoot 开发的微服务中后台快速开发平台,专注于多租户(SaaS架构)解决方案,亦可作为普通项目(非SaaS架 等租户隔离方案。
Awesome Web Hacking
⭐
5,260
A list of web application security
Js Xss
⭐
5,010
Sanitize untrusted HTML (to prevent XSS) with a configuration specified by a Whitelist
Awesomexss
⭐
4,544
Awesome XSS stuff
Swiftsoup
⭐
4,203
SwiftSoup: Pure Swift HTML Parser, with best of DOM, CSS, and jquery (Supports Linux, iOS, Mac, tvOS, watchOS)
Web Security Learning
⭐
4,125
Web-Security-Learning
Awesome Bugbounty Writeups
⭐
3,839
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Arachni
⭐
3,632
Web Application Security Scanner Framework
Payloads
⭐
3,289
Git All the Payloads! A collection of web attack payloads.
Pikachu
⭐
3,214
一个好玩的Web安全-漏洞测试平台
Dalfox
⭐
3,047
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
Hackerone Reports
⭐
2,933
Top disclosed reports from HackerOne
Bluemonday
⭐
2,883
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Bug Bounty Reference
⭐
2,631
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
Pentest Cheat Sheets
⭐
2,064
A collection of snippets of codes and commands to make your life easier!
Devalue
⭐
1,866
Gets the job done when JSON.stringify can't
Xssor2
⭐
1,797
XSS'OR - Hack with JavaScript.
Medusa
⭐
1,741
🐈Medusa是一个红队武器库平台,目前包括XSS平台、协同平台、CVE监控、免杀生成、DNSLO
Ezxss
⭐
1,715
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
Biny
⭐
1,662
Biny is a tiny, high-performance PHP framework for web applications
Blackwidow
⭐
1,448
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Htmlsanitizer
⭐
1,447
Cleans HTML to avoid XSS attacks
Collection Document
⭐
1,416
Collection of quality safety articles. Awesome articles.
Xsscrapy
⭐
1,398
XSS spider - 66/66 wavsep XSS detected
Cms Hunter
⭐
1,372
CMS漏洞测试用例集合
V3n0m Scanner
⭐
1,342
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Android Reports And Resources
⭐
1,312
A big list of Android Hackerone disclosed reports and other resources.
Web Sec
⭐
1,300
WEB安全手册(红队安全技能栈),漏洞理解,漏洞利用,代码审计和渗透测试总结。【持续更新】
Atscan
⭐
1,270
Advanced dork Search & Mass Exploit Scanner
Client Side Prototype Pollution
⭐
1,236
Prototype Pollution and useful Script Gadgets
Tiny Xss Payloads
⭐
1,220
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Pentest Notes
⭐
1,202
Pythem
⭐
1,172
pentest framework
Toxssin
⭐
1,105
An XSS exploitation command-line interface and payload generator.
Xsshunter
⭐
1,101
The XSS Hunter service - a portable version of XSSHunter.com
Eblog
⭐
1,074
eblog是一个基于Springboot2.1.2开发的博客学习项目,为了让项目融合更多的知识点,达
Latte
⭐
1,033
☕ Latte: the safest & truly intuitive templates for PHP. Engine for those who want the most secure PHP sites.
Awesome Google Vrp Writeups
⭐
1,008
🐛 A list of writeups from the Google VRP Bug Bounty program
Sleepy Puppy
⭐
998
Sleepy Puppy XSS Payload Management Framework
Waf Bypass
⭐
970
Check your WAF before an attacker does
Xss Payloads
⭐
961
This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.
Weaponised Xss Payloads
⭐
925
XSS payloads designed to turn alert(1) into P1
Webseclab
⭐
918
set of web security test cases and a toolkit to construct new ones
Wapiti
⭐
896
Web vulnerability scanner written in Python3
Vulstudy
⭐
876
使用docker快速搭建各大漏洞靶场,目前可以一键搭建17个靶场。
Imagejs
⭐
863
Small tool to package javascript into a valid image file.
Xspear
⭐
848
Powerfull XSS Scanning and Parameter analysis tool&gem
Secdevlabs
⭐
830
A laboratory for learning secure web and mobile development in a practical manner.
0d1n
⭐
829
Tool for automating customized attacks against web applications. Fully made in C language with pthreads, it has fast performance.
Xsser
⭐
814
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Redtool
⭐
757
日常积累的一些红队工具及自己写的脚本,更偏向于一些diy的好用的工具,并不是一些比较常用的msf/a
Noscript
⭐
742
The popular NoScript Security Suite browser extension.
Wargame Nexus
⭐
732
A sorted and updated list of security wargame sites.
Garud
⭐
694
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Curiefense
⭐
693
Curiefense is a unified, open source platform protecting cloud native applications.
Antenna
⭐
673
Antenna是58同城安全团队打造的一款辅助安全从业人员验证网络中多种漏洞是否存在以及可利用性的工
Injectify
⭐
658
Perform advanced MiTM attacks on websites with ease 💉
Scant3r
⭐
657
ScanT3r - Module based Bug Bounty Automation Tool
Javacodeaudit
⭐
656
Getting started with java code auditing 代码审计入门的小项目
Nuxt Security
⭐
652
🛡 Security Module for Nuxt based on HTTP Headers and Middleware
Anti Xss
⭐
639
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
Xssfork
⭐
639
Nelmiosecuritybundle
⭐
624
Adds extra security-related features in your Symfony application
Vtest
⭐
619
用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。
Jsonpcallbackvalidator
⭐
615
JSONP callback validator.
Xssplatform
⭐
609
一个经典的XSS渗透管理平台
Xss_payloads
⭐
592
Exploitation for XSS
Uxss Db
⭐
580
🔪Browser logic vulnerabilities ☠️
Trusted Types
⭐
576
A browser API to prevent DOM-Based Cross Site Scripting in modern web applications.
Pwnxss
⭐
544
PwnXSS: Vulnerability (XSS) scanner exploit
Csp Builder
⭐
535
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
Web Frontend Magic
⭐
534
#前端黑魔法# 整理
Tracy
⭐
526
A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
Securitytips
⭐
525
Forest
⭐
523
forest(森林)——一款现代化的知识社区后台项目,使用 SpringBoot + Shiro + MyBatis + JWT + Redis 实现
Reflector
⭐
489
Burp plugin able to find reflected XSS on page in real-time while browsing on site
Findom Xss
⭐
487
A fast DOM based XSS vulnerability scanner with simplicity.
Jsshell
⭐
486
JSshell - JavaScript reverse/remote shell
Xsschef
⭐
486
Chrome extension Exploitation Framework
Striptags
⭐
468
An implementation of PHP's strip_tags in Typescript.
Owasp Java Encoder
⭐
468
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!
Aem Hacker
⭐
460
Godnslog
⭐
457
An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability
Tarantula
⭐
453
a big hairy fuzzy spider that crawls your site, wreaking havoc
Ant
⭐
440
实时上线的 XSS 盲打平台
Xss Listener
⭐
425
🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
Pybelt
⭐
423
The hackers tool belt
Bxss
⭐
420
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
Burp Suite Certified Practitioner Exam Study
⭐
419
Burp Suite Certified Practitioner Exam Study
Wscan
⭐
415
Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.
1-100 of 869 search results
Next >
Privacy
|
About
|
Terms
|
Follow Us On Twitter
Copyright 2018-2024 Awesome Open Source. All rights reserved.