Alternatives and similar repositories for dom-based-xss-finder

Users that are interested in dom-based-xss-finder are comparing it to the libraries listed below

• kiranreddyrebel / PostMessage_Fuzz_Tool

  View on GitHub
  #BugBounty #BugBounty Tools #WebDeveloper Tool
  ☆38May 17, 2025Updated 9 months ago
• fcavallarin / burp-dom-scanner

  View on GitHub
  Burp Suite's extension to scan and crawl Single Page Applications
  ☆107Apr 14, 2023Updated 2 years ago
• nscuro / fdnssearch

  View on GitHub
  Swiftly search FDNS datasets from Rapid7 Open Data
  ☆23Nov 20, 2022Updated 3 years ago
• fcavallarin / domdig

  View on GitHub
  DOM XSS scanner for Single Page Applications
  ☆417Nov 15, 2025Updated 3 months ago
• Str1am / Auto_JsFinder

  View on GitHub
  ☆21Jun 29, 2022Updated 3 years ago
• ac0d3r / xssfinder

  View on GitHub
  Browser-based XSS finder
  ☆209Jul 30, 2022Updated 3 years ago
• codewatchorg / Burp-AnonymousCloud

  View on GitHub
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆48Jan 11, 2023Updated 3 years ago
• bayotop / sink-logger

  View on GitHub
  Transparently log all data passed into known JavaScript sinks - Sink Logger extension for Burp.
  ☆49Jul 20, 2022Updated 3 years ago
• pwnpanda / ParamCleaner

  View on GitHub
  Removes duplicate entries from a file, resulting in only unique parameter combinations. Useful for parsing waybackurls and making recon m…
  ☆11May 31, 2020Updated 5 years ago
• k-vulner / XSS-Detect

  View on GitHub
  一个burpsuite插件，用于被动检测可能存在的XSS漏洞的请求。后续将完善对于可以请求的xss探针、xss攻击以及DOM型xss检测。
  ☆16Dec 26, 2018Updated 7 years ago
• rook1337 / hakrawlerx8chain

  View on GitHub
  ☆13Jul 12, 2021Updated 4 years ago
• Naategh / dom-red

  View on GitHub
  Small script to check a list of domains against open redirect vulnerability
  ☆28Jan 22, 2022Updated 4 years ago
• pandaonair / Jolokia-RCE

  View on GitHub
  ☆17Dec 14, 2022Updated 3 years ago
• ollseg / ttt-ext

  View on GitHub
  Chrome extension to aid in finding DOMXSS by simple taint analysis of string values.
  ☆80Jun 1, 2019Updated 6 years ago
• filedescriptor / untrusted-types

  View on GitHub
  ☆694Jul 4, 2022Updated 3 years ago
• vp777 / metahttp

  View on GitHub
  A bash script that automates the scanning of a target network for HTTP resources through XXE
  ☆37Dec 2, 2020Updated 5 years ago
• jiangsir404 / Xss-Sql-Fuzz

  View on GitHub
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆63Dec 4, 2018Updated 7 years ago
• BitTheByte / BitBlinder

  View on GitHub
  BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
  ☆118Dec 23, 2025Updated last month
• dxa4481 / XSSOauthPersistence

  View on GitHub
  Maintaining account persistence via XSS and Oauth
  ☆77Jan 7, 2019Updated 7 years ago
• execveat / burp-brief-editor-tab

  View on GitHub
  Burp Suite extension that makes your life easier by tucking the headers out of the way, so you can see the body content right away withou…
  ☆39Oct 23, 2023Updated 2 years ago
• whitel1st / docem

  View on GitHub
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆674Jan 28, 2024Updated 2 years ago
• Anon-Exploiter / BOF

  View on GitHub
  Some Buffer Overflow Automation Scripts I'll be using between PWK labs and Exam!
  ☆19Nov 5, 2020Updated 5 years ago
• Static-Flow / ParameterMiner

  View on GitHub
  Built on a lazy Sunday after seeing this tweet (https://twitter.com/intigriti/status/1272145863868104705?s=20) I present to you, Paramete…
  ☆51Jun 14, 2020Updated 5 years ago
• kleiton0x00 / ppmap

  View on GitHub
  A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
  ☆519Jun 22, 2022Updated 3 years ago
• Damian89 / extended-xss-search

  View on GitHub
  A better version of my xssfinder tool - scans for different types of xss on a list of urls.
  ☆188Aug 3, 2019Updated 6 years ago
• danielthatcher / smuggles

  View on GitHub
  An HTTP request smuggling scanner designed to work at scale
  ☆24Oct 2, 2022Updated 3 years ago
• lauritzh / domscan

  View on GitHub
  Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.
  ☆255Feb 10, 2025Updated last year
• onSec-fr / CVE-2020-0688-Scanner

  View on GitHub
  Quick tool for checking CVE-2020-0688 on multiple hosts with a non-intrusive method.
  ☆38Jun 1, 2021Updated 4 years ago
• AlfredBerg / dnsline

  View on GitHub
  Tool for making it easy to collect dns results from the CLI
  ☆40Aug 14, 2024Updated last year
• InitRoot / BurpSQLTruncSanner

  View on GitHub
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆63Apr 17, 2020Updated 5 years ago
• KarimPwnz / sourcegraph-scripts

  View on GitHub
  Scripts for Sourcegraph search results. Useful for static analysis <3
  ☆28Jun 30, 2023Updated 2 years ago
• ninewires / scripts

  View on GitHub
  Various scripts & tools
  ☆12Apr 22, 2024Updated last year
• clod81 / loader_process_hollow_copy_in_chunk

  View on GitHub
  About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once
  ☆13Jul 14, 2022Updated 3 years ago
• soufianetahiri / MagentoScanner

  View on GitHub
  Magento Security Scanner
  ☆13Jan 10, 2022Updated 4 years ago
• CyberSecurityUP / ImgPayload

  View on GitHub
  Advanced shellcode injector for images supports BMP, GIF, EXIF (JPEG), and LSB (PNG) techniques. Includes XOR encoding, offset indexing, …
  ☆24Jun 11, 2025Updated 8 months ago
• roddux / wordpress-dos-poc

  View on GitHub
  WordPress <= 5.3.? DoS
  ☆24Dec 17, 2019Updated 6 years ago
• honoki / bbrf-burp-plugin

  View on GitHub
  A BurpSuite plugin for BBRF
  ☆25Nov 17, 2024Updated last year
• cybercdh / dirlstr

  View on GitHub
  Finds Directory Listings or open S3 buckets from a list of URLs
  ☆52Dec 1, 2021Updated 4 years ago
• bugbountyforum / XSS-Radar

  View on GitHub
  ☆332Jan 8, 2018Updated 8 years ago