DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

Toolset for detecting reflected xss in websites

Deep Security's APIs make it simple to integration with a variety of AWS Services

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

A simple web application to learn about Cross-Site Scripting (XSS)

PHP Cookie Stealing Scripts for use in XSS

We are going to go through some techniques and common PHP use cases for Website Security. Website security is often overlooked- and that’s understandable, but basic security can be put down to lots of techniques.

quickly detects OWASP top 10 vulnerabilities in your current tab

A simple script to detect unescaped characters in a web application for e.g. Cross Site Scripting (XSS) attacks.

Secure login authentication and comment prevention from Cross site scripting ,SQL INJECTION , and session hijacking

Given some data, js-char-escape returns a stringified representation of that data to help prevent XSS/ Cross-site_Scripting Attacks in your application). js-char-escape is a fork of jsesc with a few additions such as exclude & excludeAccented.

Implementation for sqlinjection, cross-side-scripting and phising(gmail) attacks.

Exotic and uncommon XSS Vectors to hit the target as quickly as possible.

Presentation with reveal.js about xss

Some Shell Scripts for System Exploitation

Demo using my Anti-forgery Middleware

Use HtmlAgilityPack parser to sanitize html text against unrecognized tags and attributes.

A framework for creating and preparing javascript for XSS written in Python. It comes loaded with a couple of Presets and Payloads.