Build software better, together

Hacker0x01 / hacker101

Hacker101

education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation unchecked-redirects sql-injection

Ruby Updated Oct 5, 2018

cure53 / DOMPurify

2.7k

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secu…

xss sanitizer dom security javascript dompurify prevent-xss-attacks mathml html svg cross-site-scripting

JavaScript Updated Oct 11, 2018

Arachni / arachni

2.1k

Web Application Security Scanner Framework

arachni dom ruby audit detection security-audit analysis modular javascript scanners web-application vulnerability-detection crawler scanner hack hacking penetration-testing xss sql-injection

Ruby Updated Sep 6, 2018 2 issues need help

CHYbeta / Web-Security-Learning

1.7k

Web-Security-Learning

security sqlinjection xss

HTML Updated Jan 29, 2018

s0md3v / XSStrike

1.7k

XSS Scanner equipped with powerful fuzzing engine & intelligent payload generator

xss xss-scanner xss-exploit xss-bruteforce xss-python xss-detection xss-payloads

Python Updated Aug 22, 2018

evilcos / xssor2

1.4k

XSS'OR - Hack with JavaScript.

probe pentest-tool xss csrf encoding hacking-tool pentest hack

JavaScript Updated Aug 22, 2018

foospidy / payloads

1.2k

Git All the Payloads! A collection of web attack payloads.

payload payloads xss sqli web-attack-payloads passwords

Shell Updated Aug 27, 2018

microcosm-cc / bluemonday

1k

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content …

sanitization html security xss go owasp whitelist

Go Updated Aug 19, 2018

m4n3dw0lf / pythem

737

pentest framework

Python Updated Oct 17, 2018

jklmnn / imagejs

699

Small tool to package javascript into a valid image file.

injection xss

C Updated Mar 14, 2018

0xSobky / HackVault

671

A container repository for my public web hacks!

payloads web-security pentesting tracking fuzzing regex reconnaissance xss exploit

JavaScript Updated Sep 7, 2018

v3n0m-Scanner / V3n0M-Scanner

544

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Python Updated Oct 2, 2018

s0md3v / AwesomeXSS

525

Awesome XSS stuff

xss payload xss-payloads payload-list xss-detection xss-cheatsheet

JavaScript Updated Oct 2, 2018

masatokinugawa / filterbypass

516

pentest xss security cheatsheet

Updated May 6, 2017

mganss / HtmlSanitizer

503

Cleans HTML to avoid XSS attacks

xss html sanitizer

C# Updated Sep 25, 2018

samdenty99 / injectify

472

Perform advanced MiTM attacks on websites with ease 💉

mitm xss console-replication typescript nodejs modular reactjs redux webpack github-oauth mongodb

TypeScript Updated Oct 11, 2018

paragonie / csp-builder

422

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

csp csp-header json-configuration csp-builder content-security-policy http http-header php easy-to-use secure-by-default security xss cross-site-scripting

PHP Updated Jun 18, 2018

1N3 / BlackWidow

413

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Python Updated Aug 31, 2018

cagataycali / xss-listener

404

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

xss xss-attacks security-hardening security-tools xss-harvest xss-harvester

JavaScript Updated Mar 12, 2018 1 issue needs help

nette / latte

387

☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.

nette nette-framework latte php template-engine xss security content-aware safety security-hole

PHP Updated Oct 17, 2018

AlisamTechnology / ATSCAN

365

Advanced Search & Mass Exploit Scanner- فاحص متقدم لبحث و استغلال الثغرات بالجملة

Perl Updated Jul 11, 2018

RisingStack / protect

340

Proactively protect your Node.js web services

security express xss sql-injection nodejs

JavaScript Updated Sep 28, 2018

ismailtasdelen / xss-payload-list

334

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

HTML Updated May 5, 2018

CoolerVoid / 0d1n

327

Web security tool to make fuzzing at HTTP/S, Beta

web-server security hacking fuzzing sqlinjection xss bruteforce libcurl

C Updated Dec 3, 2017

ssl / ezXSS

308

ezXSS is an easy way to test (blind) XSS

payload xss blind php screenshot test xss-vulnerability xss-exploitation xss-detection xss-attacks xss-injection xss-scanner blind-xss easy-to-use easy

HTML Updated Jun 19, 2018

ajinabraham / OWASP-Xenotix-XSS-Exploit-Framework

302

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitatio…

xss exploitation-framework xss-scanner xenotix xss-exploitation xss-detection dom-xss

Python Updated Aug 21, 2017

Metnew / uxss-db

302

🔪Browser logic-based vulnerabilities DB ☠️

security browser xss vulnerability cve javascript

HTML Updated Oct 10, 2018

YalcinYolalan / WSSAT

280

WEB SERVICE SECURITY ASSESSMENT TOOL

web-service security-tools dynamic-testing static-analysis vulnerabilities xxe-injection sqlinjection xss xml-bomb rest-api-test information-disclosure soap-web-services web-service-test scanner web-service-scanner rest-api-scanner

C# Updated Sep 27, 2018

Varbaek / xsser

251

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras

xss xss-exploitation xss-poc xss-injection xss-attacks

Python Updated Sep 8, 2018

dotboris / vuejs-serverside-template-xss

227

Demo of a Vue.js app that mixes both clientside templates and serverside templates leading to an XSS vulnerability

xss xss-vulnerability vuejs2 vue vuejs vue2 security

PHP Updated May 27, 2018

Please note that GitHub no longer supports Internet Explorer.

xss

Repositories 234