GitHub
github.com › s0md3v › XSStrike
GitHub - s0md3v/XSStrike: Most advanced XSS scanner. · GitHub
Most advanced XSS scanner. Contribute to s0md3v/XSStrike development by creating an account on GitHub.
Starred by 14.9K users
Forked by 2.1K users
Languages Python 98.8% | HTML 1.2%
GitHub
github.com › truocphan › XSS-Checker
GitHub - truocphan/XSS-Checker: XSS-Checker is a tool used to Check / Validate for XSS vulnerabilities · GitHub
usage: XSS-Checker [-h] --url URL ... WRITEFILE] [--silent] [--update] [--version] XSS-Checker is a tool used to Check / Validate for XSS vulnerabilities optional arguments: -h, --help show this help message and exit --url ...
Starred by 18 users
Forked by 3 users
Languages Python
GitHub
github.com › secdec › xssmap
GitHub - secdec/xssmap: Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities - secdec/xssmap
Starred by 151 users
Forked by 32 users
Languages Python 79.4% | PHP 10.6% | JavaScript 6.3% | Shell 3.7% | Python 79.4% | PHP 10.6% | JavaScript 6.3% | Shell 3.7%
GitHub
github.com › topics › xss-scanner
xss-scanner · GitHub Topics · GitHub
xss xss-scanner xss-detection xss-exploit xss-bruteforce xss-python xsstrike waf-detection
GitHub
github.com › topics › xss-detection
xss-detection · GitHub Topics · GitHub
xss xss-scanner xss-detection xss-exploit xss-bruteforce xss-python xsstrike waf-detection
GitHub
github.com › rix4uni › xsschecker
GitHub - rix4uni/xsschecker: xsschecker tests endpoints for reflected XSS by injecting payloads and checking responses. It prints vulnerable if the payload is reflected, otherwise not vulnerable.
▶ Step 1: wget https://raw.githubusercontent.com/rix4uni/WordList/refs/heads/main/payloads/xss/favourite.txt if grep -qv "^rix4uni" "favourite.txt";then sed -i 's/^/rix4uni/' "favourite.txt";fi ▶ Step 2: echo "dell.com" | subfinder -duc -silent -nc | waybackurls | urldedupe -s | grep -aE '=|=' | \ egrep -aiv '.(jpg|jpeg|gif|css|tif|tiff|png|ttf|woff|woff2|icon|pdf|svg|txt|js)' | \ pvreplace -silent -payload favourite.txt -fuzzing-mode single | xsschecker -nc -match 'rix4uni' -vuln ▶ Step 3: You can run pyxss to check false positive or check manually one by one url in chrome
Starred by 38 users
Forked by 7 users
Languages Go 100.0% | Go 100.0%
GitHub
github.com › MariaGarber › XSS-Scanner
GitHub - MariaGarber/XSS-Scanner: XSS scanner that detects Cross-Site Scripting vulnerabilities in website by injecting malicious scripts · GitHub
XSS scanner that detects Cross-Site Scripting vulnerabilities in website by injecting malicious scripts - MariaGarber/XSS-Scanner
Starred by 128 users
Forked by 35 users
Languages JavaScript 62.0% | CSS 25.9% | HTML 12.1%
GitHub
github.com › lwzSoviet › NoXss
GitHub - lwzSoviet/NoXss: Faster xss scanner,support reflected-xss and dom-xss
NoXss is a cross-site script vulnerability scanner supported reflected xss and dom-based xss. It's very fast and suitable for testing millions of urls.
Starred by 444 users
Forked by 72 users
Languages Python 98.9% | Shell 1.1% | Python 98.9% | Shell 1.1%
GitHub
github.com › gbrindisi › xsssniper
GitHub - gbrindisi/xsssniper: An automatic XSS discovery tool · GitHub
Usage: xsssniper.py [options] Options: -h, --help show this help message and exit -u URL, --url=URL target URL --post try a post request to target url --data=POST_DATA post data to use --threads=THREADS number of threads --http-proxy=HTTP_PROXY scan behind given proxy (format: 127.0.0.1:80) --tor scan behind default Tor --crawl crawl target url for other links to test --forms crawl target url looking for forms to test --user-agent=USER_AGENT provide an user agent --random-agent perform scan with random user agents --cookie=COOKIE use a cookie to perform scans --dom basic heuristic to detect dom xss
Starred by 412 users
Forked by 121 users
Languages Python
GitHub
github.com › dwisiswant0 › findom-xss
GitHub - dwisiswant0/findom-xss: A fast DOM based XSS vulnerability scanner with simplicity.
A fast DOM based XSS vulnerability scanner with simplicity. - dwisiswant0/findom-xss
Starred by 840 users
Forked by 113 users
Languages Shell 100.0% | Shell 100.0%
GitHub
github.com › faizann24 › XssPy
GitHub - faizann24/XssPy: XssPy - Web Application XSS Scanner
XssPy is a python tool for finding Cross Site Scripting vulnerabilities in websites. This tool is the first of its kind. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and subdomains ...
Starred by 840 users
Forked by 222 users
Languages Python 97.1% | Dockerfile 2.9% | Python 97.1% | Dockerfile 2.9%
GitHub
github.com › pwn0sec › PwnXSS
GitHub - pwn0sec/PwnXSS: PwnXSS: Vulnerability (XSS) scanner exploit · GitHub
A powerful XSS scanner made in ... pip install requests · python 3.7 Commands: git clone https://github.com/pwn0sec/PwnXSS chmod 755 -R PwnXSS cd PwnXSS python3 pwnxss.py --help · Basic usage: python3 pwnxss.py -u ...
Starred by 814 users
Forked by 149 users
Languages Python
GitHub
github.com › topics › xss-scanners
xss-scanners · GitHub Topics · GitHub
A simple tool to check XSS vulnerabilities by Golang.
GitHub
github.com › Asperis-Security › xssFuzz
GitHub - Asperis-Security/xssFuzz: 🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
Welcome to Asperis Security's XSS Detection Tool! This tool is designed to help identify and validate Cross-Site Scripting (XSS) vulnerabilities through GET requests.
Starred by 125 users
Forked by 23 users
Languages Python 93.9% | Shell 6.1%
GitHub
github.com › stamparm › DSXS
GitHub - stamparm/DSXS: Damn Small XSS Scanner
$ python3 dsxs.py -h Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.3a by: Miroslav Stampar (@stamparm) Usage: dsxs.py [options] Options: --version show program's version number and exit -h, --help show this help message and exit -u URL, --url=URL Target URL (e.g.
Starred by 432 users
Forked by 132 users
Languages Python 100.0% | Python 100.0%
GitHub
github.com › hahwul › dalfox
GitHub - hahwul/dalfox: 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation. - hahwul/dalfox
Starred by 4.9K users
Forked by 520 users
Languages Go
GitHub
github.com › shokone › XSSChecker
GitHub - shokone/XSSChecker · GitHub
If you don\'t specify, the script will search for possible forms. Example: "username=admin&pass=admin" --user-agent USERAGENT User-Agent header value Detection: Use this options to check if target is vulnerable to XSS -l LEVEL, --level LEVEL Level of tests to perform ( values 1-3, default 1 ) Use only with default payloads.
Author shokone
GitHub
github.com › 1h3ll › xss_checker
GitHub - 1h3ll/LetsGoXss: XSS CHECKER · GitHub
A lightweight, Selenium-backed XSS testing utility that injects payloads into query parameters, path segments and fragments (optionally), validates the result using a real browser (Chrome via Chromedriver), and can send Telegram alerts when ...
Author 1h3ll
GitHub
github.com › EmperialX › XSS-Automation-Tool
GitHub - EmperialX/XSS-Automation-Tool: "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxies, and auth. Find and exploit vulnerabilities with our XSS automation tool." · GitHub
"XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxies, and auth.
Starred by 92 users
Forked by 12 users
Languages Python
GitHub
github.com › PortSwigger › xss-validator
GitHub - PortSwigger/xss-validator: This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. · GitHub
This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. - PortSwigger/xss-validator
Starred by 92 users
Forked by 30 users
Languages Java 94.5% | JavaScript 4.5% | HTML 1.0%