XSS cheatsheet for filter evasion by RSnake. This page is for those who understand the basics of XSS but want a deep understanding of filter evasion nuances. It provides underlying attack vectors without mitigation techniques or actual cookie/credential stealing methods.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A modular Python tool that obfuscates Android applications by manipulating decompiled smali code, resources, and manifest files without requiring source code access.
RiskInDroid is a machine learning-based tool that performs quantitative risk analysis of Android applications by reverse engineering bytecode and analyzing permission usage to generate numeric risk scores.
A comprehensive toolkit for web application security testing, offering a range of products and solutions for identifying vulnerabilities and improving security posture.
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
A PHP port of Rack::Honeypot, a spam trap that detects and blocks spambots
APKiD is a tool that identifies compilers, packers, obfuscators, and other weird stuff in APK files.
Search engine for open-source Git repositories with advanced features like case sensitivity and regular expressions.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.