xss-payload-list
XSS payloads
A collection of scripts and payloads designed to exploit Cross-Site Scripting (XSS) vulnerabilities in web applications.
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
6k stars
139 watching
2k forks
last commit: 6 months ago
Linked from 1 awesome list
bugbountycross-site-scriptingdom-basedpayloadpayloadsreflected-xss-vulnerabilitiesself-xsswebsecuritywebsite-vulnerabilityxssxss-attacksxss-detectionxss-exploitationxss-injectionxss-payloadxss-payloadsxss-pocxss-scannerxss-scannersxss-vulnerability
qazbnm456/awesome-web-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 epsylon/xsser | Automated tool to detect and exploit Cross Site Scripting (XSS) vulnerabilities in web applications | 1,223 |
| payloadbox/command-injection-payload-list | A collection of examples and tools to test and exploit command injection vulnerabilities in web applications. | 3,036 |
 voku/anti-xss | A security-focused PHP library to prevent cross-site scripting (XSS) attacks | 682 |
 ssl/ezxss | A tool for testing and exploiting Cross Site Scripting vulnerabilities in web applications | 1,938 |
 hakluke/weaponised-xss-payloads | A collection of JavaScript files designed to exploit vulnerabilities in popular CMS platforms | 1,346 |
 evilcos/xssor2 | A tool designed to demonstrate cross-site scripting (XSS) vulnerabilities and exploits using JavaScript and Django. | 2,141 |
 s0md3v/xsstrike | Automated tool to scan and detect Cross Site Scripting vulnerabilities in web applications | 13,452 |
 hipotermia/vaya-ciego-nen | Detects and exploits Blind Cross-site scripting (XSS) vulnerabilities to retrieve sensitive information and control user interactions. | 41 |
 jewel591/xssmap | A tool to detect cross-site scripting vulnerabilities in web applications | 261 |
 mandatoryprogrammer/xsshunter | A service designed to test for cross-site scripting (XSS) vulnerabilities in web applications by automatically firing XSS payloads and collecting information about the resulting responses. | 1,501 |
 graphql/graphql-playground | A tool enabling real-time GraphQL development workflows with interactive documentation and collaboration features. | 8,787 |
 leizongmin/js-xss | Sanitizes untrusted HTML to prevent cross-site scripting attacks by filtering input based on a whitelist of allowed tags and attributes. | 5,227 |
 aj00200/xssed | A collection of intentionally flawed PHP scripts to test for cross-site scripting vulnerabilities. | 37 |
| mandatoryprogrammer/xsshunter_client | An instrument used to hunt and identify cross-site scripting (XSS) vulnerabilities by tracking correlated requests and payloads. | 250 |
 attackercan/burp-xss-sql-plugin | Automated tool for detecting cross-site scripting (XSS) and SQL injection vulnerabilities in web applications. | 44 |