cross-site-scripting topic
xss_bomb
A cross site scripting command and control notification server
bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
csp-builder
Build Content-Security-Policy headers from a JSON file (or build them programmatically)
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
w3af
w3af: web application attack and audit framework, the open source web vulnerability scanner.
phpvuln
🕸️ Audit tool to find common vulnerabilities in PHP source code
DOMPurify
DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
toxssin
An XSS exploitation command-line interface and payload generator.
xssfinder
Toolset for detecting reflected xss in websites
CVE-2022-23808
phpMyAdmin XSS