Application Security for Xss
Application security tools and solutions for securing web applications, mobile apps, and software throughout the development lifecycle. Task: Xss
Explore 26 curated cybersecurity tools, with 14,626+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
Node.js Goof is a vulnerable Node.js demo application containing multiple security vulnerabilities for testing and educational purposes.
A tool to find XSS vulnerabilities in web applications
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A fast and simple DOM based XSS vulnerability scanner
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
Dalfox is an open-source automated XSS scanner that provides customizable scanning profiles and detailed reporting for cross-site scripting vulnerability detection.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
DOMdig is a DOM XSS scanner that uses static analysis, dynamic analysis, and fuzz testing to detect and exploit Cross-Site Scripting vulnerabilities in Single Page Applications.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
Femida is a Python automation tool that integrates with Burp Suite to detect blind XSS vulnerabilities in web applications through HTTP request analysis.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A Burp Suite extension that automates XSS vulnerability detection and validation through custom payload generation and response analysis.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
DOM-based XSS vulnerability scanner
A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.
A deliberately vulnerable Android application containing multiple security flaws designed for educational purposes and security training.
A Burp Suite plugin that extracts keywords from HTTP responses using regex patterns and tests for reflected XSS vulnerabilities within the target scope.
A Burp Suite plugin that extracts keywords from HTTP responses using regex patterns and tests for reflected XSS vulnerabilities within the target scope.
MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.
MCIR is a unified framework for building code injection vulnerability testbeds that combines SQL, XML, shell, and XSS injection testing tools with shared functionality and template-based extensibility.
NAXSI is a third-party nginx module that prevents XSS and SQL injection attacks by filtering HTTP traffic based on predefined security rules.
NAXSI is a third-party nginx module that prevents XSS and SQL injection attacks by filtering HTTP traffic based on predefined security rules.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A collection of vulnerable web application test cases designed to benchmark and evaluate the effectiveness of static security analyzers and penetration testing tools.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Fastify plugin that implements HTTP security headers through a wrapper around the helmet library to protect web applications from common vulnerabilities.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A Nuxt 3 security module that automatically implements OWASP security patterns through HTTP headers, middleware, and various protection mechanisms including CSP, XSS validation, CORS, and CSRF protection.
A web security tool that scans for vulnerabilities and known attacks.
A web security tool that scans for vulnerabilities and known attacks.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.
Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.
Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.
A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.