Projects in Awesome Lists tagged with cross-site-scripting
A curated list of projects in awesome lists tagged with cross-site-scripting.
https://github.com/cure53/dompurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
cross-site-scripting dom dompurify html javascript mathml prevent-xss-attacks sanitizer security svg xss
Last synced: 12 May 2025
https://github.com/cure53/DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
cross-site-scripting dom dompurify html javascript mathml prevent-xss-attacks sanitizer security svg xss
Last synced: 24 Mar 2025
https://github.com/payloadbox/xss-payload-list
🎯 Cross Site Scripting (XSS) Vulnerability Payload List
bugbounty cross-site-scripting dom-based payload payloads reflected-xss-vulnerabilities self-xss websecurity website-vulnerability xss xss-attacks xss-detection xss-exploitation xss-injection xss-payload xss-payloads xss-poc xss-scanner xss-scanners xss-vulnerability
Last synced: 24 Mar 2025
https://github.com/andresriancho/w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
appsec cross-site-scripting scanner security sql-injection
Last synced: 14 May 2025
https://github.com/t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
cross-site-scripting exploitation hacking javascript penetration-testing pentesting-tools python web-penetration-testing xss xss-exploitation xss-vulnerability
Last synced: 13 Apr 2025
https://github.com/paragonie/csp-builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
content-security-policy cross-site-scripting csp csp-builder csp-header easy-to-use http http-header json-configuration php secure-by-default security xss
Last synced: 14 May 2025
https://github.com/LewisArdern/bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 02 Apr 2025
https://github.com/lewisardern/bxss
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Last synced: 02 Apr 2025
https://github.com/rizemon/exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
awae awae-prep cross-site-scripting oswe oswe-prep python python3 requests sql-injection sqli web-exploitation xss
Last synced: 05 Apr 2025
https://github.com/Sharpforce/XSS-Exploitation-Tool
An XSS Exploitation Tool
cross-site-scripting xss xss-attacks
Last synced: 20 Apr 2025
https://github.com/Proviesec/xss-payload-list
xss-payload-list
bugbounty cross-site-scripting pentesting security xss
Last synced: 10 Mar 2025
https://github.com/jackaduma/nlp4cybersecurity
NLP model and tech for cyber security tasks
code-injection command-injection cross-site-scripting cross-site-scripting-proof cyber-security cybersecurity deep-learning machine-learning malicious-url-detection network-security nlp nlp-deep-learning nlp-machine-learning password-strength phishing-attacks phishing-detection sql-injection text-classification xss-injection
Last synced: 27 Apr 2025
https://github.com/the404hacking/xsscan
XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]
cross-site-scripting hacking python scan scanner security security-scanner subdomain the404hacking xss xss-vulnerability xssscan
Last synced: 13 May 2025
https://github.com/thenewattacker64/beefauto
Automating BeEF to use over WAN without configuring your router
automation beef-over-wan beef-xss cross-site-scripting hacking-tool hook-browser kali-linux ngrok phishing tool
Last synced: 22 Apr 2025
https://github.com/ivan-sincek/xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
api blind-xss bug-bounty cors cross-origin-resource-sharing cross-site-request-forgery cross-site-scripting csrf ethical-hacking javascript offensive-security penetration-testing php red-team-engagement security web web-penetration-testing xss
Last synced: 19 Dec 2024
https://github.com/michaeluno/php-simple-web-scraper
A PHP application which runs on Heroku and dumps web site outputs including JavaScript generated contents.
cross-domain cross-domain-request cross-domain-solution cross-origin cross-origin-resource-sharing cross-site cross-site-scripting crowler heroku heroku-application phantomjs php proxy scraper web-scraper
Last synced: 23 Apr 2025
https://github.com/byt3n33dl3/ronin
Ronin the Shogun for XSS and XSRF Attacks.
crlf cross-site-request-forgery cross-site-scripting injection-attacks ronin ssrf xss
Last synced: 13 Apr 2025
https://github.com/thomashartm/burp-domsink-logger
Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.
burp burp-extensions burp-plugin burpsuite-extender cross-site-scripting domxss java javascript penetration-testing-tools security-testing security-tools trusted-types
Last synced: 23 Mar 2025
https://github.com/paulveillard/cybersecurity-cross-site-scripting
An ongoing curated collection of awesome XSS software, libraries, frameworks, learning tutorials & practical resources on cross-site scripting.
cross-site-scripting penetration-testing-tools vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanners xss xss-attacks xss-detection xss-exploitation xss-filter xss-injection xss-payloads xss-poc xss-scanner xss-vulnerability
Last synced: 28 Mar 2025
https://github.com/sumithemmadi/beef-xss
AUR beef-xss
beef beef-xss cross-site-scripting xss xss-injection
Last synced: 12 Apr 2025
https://github.com/inforkgodara/xss-vulnerability
Explanation of Cross-site Scripting (XSS) with PHP mini project.
cookie cookie-hijack cross-site cross-site-scripting php xss-attacks xss-vulnerability
Last synced: 12 Jun 2025
https://github.com/noraj/xss-classification-model
💬 XSS classification model - Types of Cross-Site Scripting
classification-model cross-site-scripting xss xss-classification-model
Last synced: 11 Jun 2025
https://github.com/volkansah/xsspy-ncf
XssPy is a tool designed to help security researchers and ethical hackers identify potential Cross-Site Scripting (XSS) vulnerabilities in web applications. It automates the process of testing for XSS vulnerabilities by analyzing web pages and submitting payloads to check for any possible security issues.
2024 cross-site-scripting ethical ethical-hacker ethical-hacking ethical-hacking-tools payload payloads payloads-cheatsheet python python3 rebuild xss xsspy
Last synced: 12 Apr 2025
https://github.com/darkstarbdx/xssblitz
XSSblitz ⚡ is a blazing-fast 🚀 and modern 🖥️ XSS vulnerability scanner 🔍, designed to help you effortlessly uncover 🕵️‍♂️ and exploit XSS vulnerabilities 💥 with ease.
bugbounty cross-site-scripting ethical-hacking security-testing security-tools tools vulnerability-exploitation vulnerability-scanner xss xss-detection xss-exploitation xss-vulnerability
Last synced: 03 Apr 2025
https://github.com/p1ngul1n0/xss4fun
XSS payloads just for fun.
cross-site-scripting pentest pentesting web xss
Last synced: 23 Apr 2025
https://github.com/noobpk/gemini-web-vulnerability-detection
Gemini-Web Vulnerability Detection (G-WVD) detecting web application vulnerabilities with deep learning
apache-kafka apache-spark artificial-intelligence big-data-analytics command-injection cross-site-scripting deep-learning docker-compose docker-image kafka pyspark sqlinjection vulnerability-detection
Last synced: 26 Apr 2025
https://github.com/volkansah/sqlp-edu
Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.
bypass cross-site-scripting ehtical-hacking-tools exploit exploitation explotation hacking hacking-tool hacking-tools penetration-testing pentesting phishing python security sql-xss vulnerability xss xss-attacks xss-exploitation xss-injection
Last synced: 29 Mar 2025
https://github.com/danieldanielecki/javascript-security-engineering
JavaScript Security Engineering (Helicopter View) workshop, crafted for 3 hours with a bunch of demos
angular compiler cross-origin-resource-sharing cross-site-scripting firebase-security helmet helmetjs javascript javascript-security react reactjs security serverless-security svelte svelte3 sveltejs typescript vue vuejs web-security
Last synced: 07 May 2025
https://github.com/r3dhulk/xss-vulnerability-finder-in-ruby
XSS Vulnerability Tool In Ruby
blackhat cross-site-scripting crosssitescripting ethical ethical-hacking ethical-hacking-tools hacking hacking-tool ruby ruby-for-ethical-hackers ruby-for-ethical-hacking rubyforethicalhackers rubyforethicalhacking xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 30 Apr 2025
https://github.com/sap/sanitizer-checker
A tool to evaluate the security of JavaScript sanitizer functions.
cross-site-scripting injection javascript sanitizer security
Last synced: 04 Feb 2025
https://github.com/noraj/xss-classification-model-slideshow
🗒️ A presentation about XSS classification model - Types of XSS evolution
classification-model cross-site-scripting presentation slideshow xss xss-classification-model
Last synced: 16 Jun 2025
https://github.com/noobpk/gemini-web-vuln-detection
Deep Learning - Web Application Vulnerabilities Detection Predict
ai-security convolutional-neural-networks cross-site-scripting deep-learning deep-learning-algorithms docker docker-image long-short-term-memory machine-learning sqlinjection vulnerability-detection web-vulnerability
Last synced: 26 Apr 2025
https://github.com/cihatsolak/netcore-security
How we take precautions against attacks from malicious users is exemplified. .NET Core projects have default security measures. We can use the IDataProtector interface to encrypt data. We must also be protected against XSS attacks such as Reflected or Stored. For this, we must pay attention to the use of Html.Raw().
cors cross-site-scripting dataprotection hsts https-client ipcontrol secret-management security
Last synced: 16 May 2025
https://github.com/claudiaslibrary/webappsec
This tool automates the process of auditing a web application for common security vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and missing HTTP security headers. The results of the audit are stored in an HTML report for easy review.
cross-site-scripting cybersecurity html-report http-secure-header open-source-security penetration-testing python-security sql-injection vulnerability-scanners web-security xss
Last synced: 13 Apr 2025
https://github.com/r3dhulk/xss-vulnerability-finder-in-perl
XSS Vulnerability Tool In Perl
blackhathacker blackhathacking cross-site-scripting crosssitescripting ethical-hacking ethicalhacking hacking perl perl-for-ethical-hacker perl-for-ethical-hackers perl-for-ethical-hacking perl5 perlforethicalhacking xss xss-attacks xss-detection xss-exploitation xss-injection xss-scanner xss-vulnerability
Last synced: 13 Mar 2025
https://github.com/BansheeTech/AgnosticHTML
AgnosticHTML: A utility function that safely parses HTML strings into DOM nodes, avoiding the use of innerHTML for security reasons.
agnostichtml createelement cross-site-scripting document dom html html-to-dom innerhtml javascript node parser safe-dom sanitization sanitizer secure-html security vanilla-javascript vanilla-js xss
Last synced: 18 Mar 2025
https://github.com/sofiane-abou-abderrahim/javascript-security-share-my-place
I improved my previous "JavaScript Share My Place" app so that I can protect it from security holes and concepts. I specifically handled the two most important JavaScript attack patterns or vulnerabilities, which are Security Details in my code exposed accidentally and Cross Site Scripting (XSS) attacks, with Sanitize HTML package for example.
cross-site-request-forgery cross-site-scripting sanitize-html security security-hole security-vulnerability
Last synced: 03 Apr 2025
https://github.com/epomatti/xss-attack
Cross Site Scripting (XSS) attack demo
cross-site-scripting javascript node security xss
Last synced: 11 Mar 2025
https://github.com/tom474/security_attacks_analysis
[RMIT 2024C] COSC2539 - Security in Computing and IT - Programming-based Security Project
command-injection cross-site-scripting denial-of-service security security-attacks sql-injection
Last synced: 04 Mar 2025
https://github.com/jackdbd/content-security-policy
Content-Security-Policy in JavaScript, with validation and automatic hashes.
content-security-policy cross-site-scripting csp csp-directives http http-header xss
Last synced: 27 Mar 2025
https://github.com/ayeshaashfaq12/vulnerability_scanner
The Vulnerability Scanner is a Django-based application that scans websites for security vulnerabilities, providing insights into potential weaknesses such as SQL Injection, XSS, and CSRF issues. Users receive a detailed analysis and site safety score, helping them enhance their web security posture.
cross-site-scripting django django-application django-project javascript-injection python python-app python-script remote-code-execution sql-injection-attacks vulnerability vulnerability-analysis vulnerability-assessment vulnerability-detection vulnerability-identification vulnerability-scanner vulnerability-scanners vulnerability-scanning
Last synced: 18 Mar 2025
https://github.com/zebbern/secops-cli-guides
A collection of essential penetration testing and Linux administration commands, compiled in easy-to-use PDFs. This repository includes detailed guides on tools like Metasploit, Nmap, Sqlmap, Hydra, and Linux system management. Ideal for ethical hackers, sysadmins, and security professionals. More resources coming soon!
api buffer-overflow bugbounty burp-suite cloud cloud-pentesting cross-site-scripting csrf ddos exploits guide linux networking pentesting privilege-escalation secops security toolset wireshark
Last synced: 11 Mar 2025
https://github.com/oelin/fingerprint
Create canvas fingerprints for your browser ☝.
browser-fingerprinting canvas-fingerprinting cross-site-scripting cross-site-tracking web-security
Last synced: 12 Mar 2025
https://github.com/mbadanoiu/cve-2020-12625
CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-12625 cves unauthenticated
Last synced: 01 Mar 2025
https://github.com/mbadanoiu/wso2-2020-0731
WSO2-2020-0731: XXE and XSS vulnerabilities in WSO2 Carbon
0-day cross-site-scripting stored-xss wso2-2020-0731 xxe
Last synced: 01 Mar 2025
https://github.com/flipeador/node-http-cors
Node.js HTTP CORS middleware.
content-security-policy cors cross-origin-resource-sharing cross-site-request-forgery cross-site-scripting express javascript middleware nodejs same-origin-policy
Last synced: 04 Mar 2025
https://github.com/mbadanoiu/cve-2019-1332
CVE-2019-1332: Reflected Cross-Site Scripting in Microsoft SQL Server Reporting Services
0-day cross-site-scripting cve cve-2019-1332 cves reflected-xss
Last synced: 01 Mar 2025
https://github.com/yogsec/xss-test
A simple XSS payload host for testing and demonstrating stored/reflected XSS using GitHub Pages. Useful for bug bounty & security research.
cross-site-scripting cross-site-scripting-proof cross-site-scripting-xss xss xss-attacks xss-detection xss-exploitation xss-injection xss-payloads xss-scanner xss-vulnerability
Last synced: 09 Apr 2025
https://github.com/itanex/antiforgerydemo
Demo using my Anti-forgery Middleware
anti-forgery asp-net-core cross-site-scripting csharp middleware
Last synced: 24 Mar 2025
https://github.com/mbadanoiu/cve-2021-42558
CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera
0-day cross-site-scripting cve cve-2021-42558 cves
Last synced: 01 Mar 2025
https://github.com/reside-eng/fortifyjs
FortifyJS is a library focused on delivering security headers for web applications within the JavaScript ecosystem
clickjacking content-security-policy cross-site-scripting fortified headers http javascript security web
Last synced: 11 Apr 2025
https://github.com/chi-wei-lien/xss-injection
In this video I covered how to perform cross site scripting (XSS), which basically allows attackers to have full control over a vulnerable website 😈. Just like always, this video is for educational purposes. If you do any illegal stuff you will get arrested 🚓!
cross-site-scripting ctf cybersecurity cybersecurity-education xss
Last synced: 14 Apr 2025
https://github.com/mbadanoiu/mal-003
MAL-003: Groovy Security Bypass and Stored XSS in Apache OfBiz
0-day authenticated bypass cross-site-scripting groovy remote-code-execution stored-xss
Last synced: 14 Mar 2025
https://github.com/mbadanoiu/cve-2020-13965
CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail
0-day cross-site-scripting cve cve-2020-13965 cves unauthenticated
Last synced: 01 Mar 2025