cross-site-scripting

There are 9 repositories under cross-site-scripting topic.

cure53 / DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
xss sanitizer dom security javascript dompurify prevent-xss-attacks mathml html svg cross-site-scripting
Language:JavaScript 13342
payloadbox / xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
bugbounty cross-site-scripting dom-based payload payloads reflected-xss-vulnerabilities self-xss websecurity website-vulnerability xss xss-attacks xss-detection xss-exploitation xss-injection xss-payload xss-payloads xss-poc xss-scanner xss-scanners xss-vulnerability
5925
andresriancho / w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
appsec cross-site-scripting scanner security sql-injection
Language:Python 4483
toxssin
t3l3machus / toxssin
An XSS exploitation command-line interface and payload generator.
cross-site-scripting exploitation javascript penetration-testing pentesting-tools python web-penetration-testing xss-exploitation xss-vulnerability hacking xss
Language:Python 1161
paragonie / csp-builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
csp csp-header json-configuration csp-builder content-security-policy http http-header php easy-to-use secure-by-default security xss cross-site-scripting
Language:PHP 543
LewisArdern / bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
blueteam bugbounty bxss cross-site-scripting infosec security xss
Language:JavaScript 496
rizemon / exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
awae awae-prep cross-site-scripting oswe oswe-prep python python3 requests sql-injection sqli web-exploitation xss
384
Egyscan
dragonked2 / Egyscan
Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
cybersecurity scanner vulnerability-scanners command-line cross-site-scripting injection python rce remote sqlinjection vulnerability vulnerability-detection xss sql-injection-remote-code-execution-cross-site remote-code-execution sql-injection command-injection lfi ssrf xxe-injection
Language:Python 223
dipakpanchal05 / CVE-2022-23808
phpMyAdmin XSS
zeroday xss exploit exploitation phpmyadmin database cross-site-scripting vulnerability bugbounty redteam redteaming pentesting hacking poc owasp owasp-top-10 infosec
114
moeinfatehi / xss_vulnerability_challenges
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.
application-security appsecurity infosec penetration-testing pentesting xss xss-attacks xss-detection xss-exploitation xss-filter xss-vulnerability cross-site-scripting input-validation owasp owasp-top-10 owasp-top-ten
Language:PHP 113
Damian89 / xssfinder
Toolset for detecting reflected xss in websites
xss itsecurity cross-site-scripting vulnerability-detection bugbounty pentesting python3
Language:Python 110
Proviesec / xss-payload-list
xss-payload-list
bugbounty security pentesting xss cross-site-scripting
Language:JavaScript 102
The404Hacking / XsSCan
XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]
the404hacking xssscan xss scan scanner security security-scanner xss-vulnerability subdomain hacking python cross-site-scripting
Language:Python 71
jackaduma / NLP4CyberSecurity
NLP model and tech for cyber security tasks
cyber-security cybersecurity deep-learning machine-learning network-security nlp nlp-deep-learning nlp-machine-learning malicious-url-detection password-strength phishing-detection text-classification cross-site-scripting cross-site-scripting-proof phishing-attacks code-injection command-injection sql-injection xss-injection
Language:Jupyter Notebook 70
xadhrit / xira
xss vulnerability scanner and input fuzzing tool.
pentesting-tools web-hacking cross-site-scripting vulnerability-scanners python3
Language:Python 61
Encryptor-Sec / XSSearch
XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for automating XSS attacks and validating XSS endpoint
xss cross-site-scripting reflect-xss python3 selenium-webdriver linux command-line-tool bugbounty xss-detection xss-finder xss-payloads xss-scanner
Language:Python 60
Stuub / Helios
Helios: Automated XSS Testing
code-execution cross-site-scripting cve cve-2024 cybersecurity offensive-security owasp penetration-testing python red-team xss stuub
Language:Python 49
ML-based-WAF
vladan-stojnic / ML-based-WAF
Simple machine learning based web application firewall (WAF) created in python
sqli xss path-traversal sql-injection cross-site-scripting cmdi command-injection parameter-tampering http ml machine-learning svm tf-idf decision-trees waf web-application-firewall python sklearn scapy dash
Language:Jupyter Notebook 44
deep-security / aws-waf
Deep Security's APIs make it simple to integration with a variety of AWS Services
aws-waf deep-security sql-injection cross-site-scripting iplist security-automation
43
ivan-sincek / xss-catcher
Simple API for storing all incoming XSS requests and various XSS templates.
php api javascript cross-site-scripting cross-site-request-forgery ethical-hacking security offensive-security red-team-engagement bug-bounty cors cross-origin-resource-sharing csrf penetration-testing web web-penetration-testing xss blind-xss
Language:HTML 31
hexrom / CookieHeist
PHP Cookie Stealing Scripts for use in XSS
session-cookie cross-site-scripting xss-attacks session-hijacking php
Language:PHP 26
MrPr0fessor / Google-Dorks-for-Cross-site-Scripting-XSS
Cross-Site Scripting (XSS) injects malicious scripts into trusted websites via user input. Attacker-sent scripts run in users' browsers, accessing sensitive data, cookies, and even altering HTML content. Widespread due to input validation lapses.
cross-site-scripting cyber cyber-security ethical-hacking-tools google-dorks penetration-testing-tools vulnerability-assessment vulnerability-detection vulnerability-scanners web-application-security web-penetration-testing xss xss-payload xss-payloads xss-vulnerability find-xss
25
J2TEAM / xss-me
A simple web application to learn about Cross-Site Scripting (XSS)
xss xss-poc cross-site-scripting security
Language:PHP 22
michaeluno / php-simple-web-scraper
A PHP application which runs on Heroku and dumps web site outputs including JavaScript generated contents.
heroku scraper php phantomjs crowler proxy cross-site cross-domain cross-domain-request cross-domain-solution cross-origin cross-origin-resource-sharing web-scraper heroku-application cross-site-scripting
Language:PHP 20
p4p1 / xss_bomb
A cross site scripting command and control notification server
xss javascript expo express android pentesting-tools webapplicationhacking penetration-testing-tools hacking-tools cross-site-scripting burp-collaborator-server
Language:JavaScript 19
Ak-wa / XSSRecon
XSSRecon - Reflected XSS Scanner
xss-exploitation xss-scanner cross-site-scripting scanner-web python3 linux kali-linux kali-scripts
Language:Python 18
dayeya / FinalWall
A Web application firewall to monitor, analyze and block traffic, built with Python
attacks-threats-vulnerabilites cybersecurity networking pydivert python cross-site-scripting csrf-protection file-inclusion sql-injection xss
Language:Python 16
humblelad / Awesome-XSS-Payloads
Exotic and uncommon XSS Vectors to hit the target as quickly as possible.
xss-vulnerability cross-site-scripting security-testing
16
doomguy / xsscan
A simple script to detect unescaped characters in a web application for e.g. Cross Site Scripting (XSS) attacks.
hacking security security-tools security-scanner cross-site-scripting xss xss-detection xss-scanner bugbounty injection hacking-tools hackingtools security-testing hackingtool hacking-tool scanner scanning scan-tool scan scanner-web
Language:Python 12
soosyze / kses
It removes all unwanted HTML elements and attributes, no matter how malformed HTML input you give it. Checks on attribute values. Can be used to avoid Cross-Site Scripting (XSS), Buffer Overflows and Denial of Service attacks, among other things.
php kses xss xss-attacks filter web-security security dompurify cross-site-scripting prevent-xss-attacks
Language:PHP 12
xadhrit / xss-hacker
Cross Site Scripting Cheat sheet.
xss xss-vulnerability hacking cheatsheets payloads-database webapp cross-site-scripting hacktoberfest
12
Cross-site-Scripting
ShubhamJagtap2000 / Cross-site-Scripting
🐞 Understand how cross-site scripting occurs, how to detect and exploit XSS vulnerabilities, giving you control of other visitor's browsers.
bugbounty cross-site-scripting cybersecurity ethical-hacking exploitation owasp-top-10 penetration-testing vulnerabilities hacktoberfest hacktoberfest2022 xss hactoberfest-accepted
Language:JavaScript 11
JavaScript-Basics
ShubhamJagtap2000 / JavaScript-Basics
👻 JavaScript basics for beginners and cybersecurity enthusiatsts. Learn the high-level, multi-paradigm language of the web.
cross-site-scripting cybersecurity dom javascript javascript-basics javascript-beginners tryhackme tryhackme-writeups xss
Language:JavaScript 11
thomashartm / burp-domsink-logger
Injects a trusted types policy into an HTML page to log all DOM sinks whenever HTML is written into the DOM.
burp-extensions burp domxss penetration-testing-tools security-testing security-tools java javascript trusted-types cross-site-scripting burpsuite-extender burp-plugin
Language:Java 11
fxrhan / all-XSS-Payloads
This is a list contains 7000+ Cross Site Scripting Payloads.
cross-site-scripting xss xss-vulnerability web-penetration-testing payload hacking-tools
10
fmereani / Cross-Site-Scripting-XSS
This project contains datasets for Cross Site Scripting (XSS), SQL, and LDAP injections. The project also contains the Matlab code for creating SVM, K-NN, Random Forest, and Neural Networks classifiers to detect Web applications attacks.
ml-classifier xss datasets xss-payloads ldap-injections sql-i cross-site-scripting
Language:MATLAB 9