Build software better, together

Hacker0x01 / hacker101

Hacker101

education hacking security hackerone hacker101 xss clickjacking csrf web-security session-fixation unchecked-redirects sql-injection

CSS Updated Apr 22, 2019

s0md3v / XSStrike

6.9k

Most advanced XSS scanner.

xss xss-scanner xss-exploit xss-bruteforce xss-python xss-detection xsstrike waf-detection

Python Updated Jul 10, 2019

cure53 / DOMPurify

3.8k

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secu…

xss sanitizer dom security javascript dompurify prevent-xss-attacks mathml html svg cross-site-scripting

JavaScript Updated Jul 12, 2019

Arachni / arachni

2.5k

Web Application Security Scanner Framework

arachni dom ruby audit detection security-audit analysis modular javascript scanners web-application vulnerability-detection crawler scanner hack hacking penetration-testing xss sql-injection

Ruby Updated Jan 15, 2019

s0md3v / AwesomeXSS

2.4k

Awesome XSS stuff

xss payload xss-payloads payload-list xss-detection xss-cheatsheet

JavaScript Updated Jul 12, 2019

CHYbeta / Web-Security-Learning

2.4k

Web-Security-Learning

security sqlinjection xss

HTML Updated Oct 31, 2018

foospidy / payloads

1.8k

Git All the Payloads! A collection of web attack payloads.

payload payloads xss sqli web-attack-payloads passwords pentest hacking appsec cybersecurity

Shell Updated Apr 6, 2019

evilcos / xssor2

1.6k

XSS'OR - Hack with JavaScript.

probe pentest-tool xss csrf encoding hacking-tool pentest hack

JavaScript Updated Feb 3, 2019

m4ll0k / WAScan

1.4k

WAScan - Web Application Scanner

webapp scanner web sql xss injection

Python Updated Apr 23, 2019

microcosm-cc / bluemonday

1.3k

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content …

sanitization html security xss go owasp whitelist

Go Updated Aug 10, 2019

blaCCkHatHacEEkr / PENTESTING-BIBLE

1.2k

This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to a…

Updated Aug 18, 2019

chaitin / xray

1.1k

xray 安全评估工具

security vulnerability vulnerability-scanner passive-vulnerability-scanner xss sqlinjection poc

Updated Aug 20, 2019

0xSobky / HackVault

938

A container repository for my public web hacks!

payloads web-security pentesting tracking fuzzing regex reconnaissance xss exploit

JavaScript Updated Sep 7, 2018

m4n3dw0lf / pythem

875

pentest framework

Python Updated Feb 21, 2019

jklmnn / imagejs

759

Small tool to package javascript into a valid image file.

injection xss

C Updated Mar 14, 2018

masatokinugawa / filterbypass

673

Browser's XSS Filter Bypass Cheat Sheet

pentest xss security cheatsheet

Updated May 6, 2017

mganss / HtmlSanitizer

648

Cleans HTML to avoid XSS attacks

xss html sanitizer

C# Updated Jul 22, 2019

v3n0m-Scanner / V3n0M-Scanner

642

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

Python Updated Aug 14, 2019

payloadbox / xss-payload-list

621

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

HTML Updated Jan 28, 2019

ssl / ezXSS

536

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

payload xss blind php test xss-vulnerability xss-exploitation xss-detection xss-attacks xss-injection xss-scanner blind-xss easy-to-use easy bug bugbounty penetration-testing alert

PHP Updated Jun 22, 2019

samdenty / injectify

533

Perform advanced MiTM attacks on websites with ease 💉

mitm xss console-replication typescript nodejs modular reactjs redux webpack github-oauth mongodb

Good first issues

docs

#4 opened Jan 30, 2018 by zero77

9

TypeScript Updated Jul 20, 2019

AlisamTechnology / ATSCAN

532

Advanced Search & Mass Exploit Scanner

Perl Updated Aug 11, 2019

1N3 / BlackWidow

502

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.

Python Updated Nov 8, 2018

paragonie / csp-builder

466

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

csp csp-header json-configuration csp-builder content-security-policy http http-header php easy-to-use secure-by-default security xss cross-site-scripting

PHP Updated Mar 13, 2019

Janusec / janusec

455

Janusec Application Gateway, a Golang based application security solution which provides WAF (Web Application Firewal…

waf web-application-firewall application-gateway load-balance gateway application-security golang go security web-application-security reverse-proxy sql-injection xss cc-attack-defense sensitive-data-leakage janusec-application-gateway

Go Updated Feb 22, 2019

nette / latte

440

☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.

nette nette-framework latte php template-engine xss security content-aware safety security-hole

PHP Updated Aug 5, 2019

Metnew / uxss-db

428

🔪Browser logic vulnerabilities DB ☠️

security browser xss vulnerability cve javascript

HTML Updated Oct 10, 2018

cagataycali / xss-listener

402

🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

xss xss-attacks security-hardening security-tools xss-harvest xss-harvester

JavaScript Updated Dec 10, 2018

CoolerVoid / 0d1n

382

Web security tool to make fuzzing at HTTP/S, Beta

web-server security hacking fuzzing sqlinjection xss bruteforce libcurl

C Updated May 17, 2019

RisingStack / protect

373

Proactively protect your Node.js web services

security express xss sql-injection nodejs

JavaScript Updated Sep 28, 2018

xss

Repositories 317