XSSCon: Simple XSS Scanner tool XSSCon is a simple XSS scanner tool that can be used to scan websites for Cross-Site Scripting (XSS) vulnerabilities. It's a command-line tool that uses a combination of techniques to identify potential XSS vulnerabilities. XSSCon is designed to be easy to use and requires minimal setup. It's a great tool for security researchers, penetration testers, and developers who want to identify and fix XSS vulnerabilities in their applications.
FEATURES
SIMILAR TOOLS
A program to manage yara ruleset in a database with support for different databases and configuration options.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.