Xss

A Burp Suite plugin for automatically adding XSS and SQL payload to fuzz

w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.

XSS Polyglot Challenge - XSS payload running in multiple contexts for testing XSS.

Curiefense is an application security platform that extends Envoy proxy to protect web applications and APIs against SQL injection, XSS, DDoS, and other common threats.

A collection of 20 cross-site scripting challenges covering various XSS attack vectors and filtering bypass techniques for educational purposes.

A comprehensive cheatsheet for XSS filter evasion techniques.

A categorized collection of bug bounty write-ups that documents real-world vulnerability discoveries and exploitation techniques across various security flaw types.

An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.

ezXSS is a testing framework that helps penetration testers and bug bounty hunters identify Cross Site Scripting vulnerabilities, especially blind XSS attacks.

A CLI tool that performs security assessments on Joi validator schemas by testing them against various attack vectors including XSS, SQL injection, RCE, and SSRF.

Web-application vulnerability scanner with extensive coverage of security testing modules.

A Java based HTTP/HTTPS proxy for assessing web application vulnerability with various useful features.