Xss
Explore 45 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
Goof is a vulnerable Node.js demo application that includes a series of vulnerabilities and exploits
A tool to find XSS vulnerabilities in web applications
A collection of XSS payloads designed to turn alert(1) into P1
A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities
Dalfox is a powerful open-source XSS scanner and utility focused on automation.
A powerful tool for identifying and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A simple Swagger-ui scanner that detects old versions vulnerable to various XSS attacks
A Burp intruder extender for automating and validating XSS vulnerabilities
A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.
A free and open-source tool for identifying vulnerabilities in Joomla-based websites.
A tool for detecting and exploiting vulnerabilities in web applications
A free online tool to scan for DOM-based XSS vulnerabilities in HTML, JavaScript, and CSS files.
A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.
Hack with JavaScript XSS'OR tool for encoding/decoding and various XSS related functionalities.
DOM-based XSS vulnerability scanner
A Burp plugin for identifying potential vulnerabilities in web applications
A free and open source C2 and proxy for penetration testers
A third-party Nginx module that prevents common web attacks by reading a small subset of simple rules containing 99% of known patterns involved in website vulnerabilities.
A Python-based tool for detecting XSS vulnerabilities
A blog about various cybersecurity-related topics, including home networking, compiler development, and security vulnerabilities.
A web security tool that scans for vulnerabilities and known attacks.
A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.
DOMPurify is a fast XSS sanitizer for HTML, MathML, and SVG.
A tool that automatically audits website security by crawling an entire website and identifying vulnerabilities
Automatic tool for pentesting XSS attacks against different applications
A deliberately vulnerable modern day app with lots of DOM related bugs
A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz
XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.
Cross-site scripting labs for web application security enthusiasts
A comprehensive cheatsheet for XSS filter evasion techniques.
A categorized collection of bug bounty write-ups for various vulnerabilities.
A tool for testing Cross Site Scripting vulnerabilities
Web-application vulnerability scanner with extensive coverage of security testing modules.
A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.