Alternatives and similar repositories for Excess-XSS:

Users that are interested in Excess-XSS are comparing it to the libraries listed below

• skepticfx / damnvulnerable.me
  A deliberately vulnerable modern day app with lots of DOM related bugs
  ☆36Updated 5 years ago
• avicoder / Hackerone
  Hackerone disclosed report URL Aggregator
  ☆29Updated 6 years ago
• infosec-au / websec-weekly
  The databases, API's and managers behind https://websecweekly.org
  ☆50Updated 9 years ago
• cure53 / PastePurify
  This is a tiny Chrome Extension that protects your from Clipboard XSS Attacks
  ☆19Updated 9 years ago
• incredibleindishell / Local-file-disclosure-SQL-Injection-Lab
  This is sample code to demonstrate how one can use SQL Injection vulnerability to download local file from server in specific condition. …
  ☆44Updated 7 years ago
• EdOverflow / hacks
  Some random scripts. Just trying to be like the cool kids.
  ☆90Updated 6 years ago
• wireghoul / sploit-dev
  Exploits and research stuffs
  ☆54Updated last year
• bekk / retire.js
  retire.js has a new home
  ☆20Updated 9 years ago
• tomsteele / burpstaticscan
  Use burp's JS static code analysis on code from your local system.
  ☆42Updated 8 years ago
• SecarmaLabs / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆44Updated 7 years ago
• mthbernardes / HouseProxy
  Protect your parents from phishing
  ☆39Updated 7 years ago
• penafieljlm / burp-tracer
  Allows you to trace where inputs are reflected back to the user.
  ☆37Updated 7 years ago
• tomsteele / burpbuddy
  burpbuddy exposes Burp Suites's extender API over the network through various mediums, with the goal of enabling development in any langu…
  ☆157Updated 6 years ago
• stasinopoulos / Jaidam
  Jaidam is an open source penetration testing tool that would take as input a list of domain names, scan them, determine if wordpress or j…
  ☆83Updated 6 years ago
• lorenzog / dns-parallel-prober
  PoC for an adaptive parallelised DNS prober
  ☆107Updated 2 years ago
• dxa4481 / cssInjection
  Stealing CSRF tokens with CSS injection (without iFrames)
  ☆318Updated 6 years ago
• compewter / CopyCat
  Universal MITM web server
  ☆106Updated 7 years ago
• albinowax / SecLists
  SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types i…
  ☆17Updated 8 years ago
• cure53 / Flashbang
  Project "Flashbang" - An open-source Flash-security helper
  ☆205Updated 9 years ago
• Matir / pwnableweb
  PwnableWeb is a suite of web applications for use in information security training.
  ☆87Updated 10 years ago
• krmaxwell / tinfoleak
  Get detailed information about a Twitter user activity
  ☆101Updated 9 years ago
• JordanMilne / YMail-Pineapple
  Tools for MITMing Yahoo! Mail with a Wifi Pineapple Mark V and Flash
  ☆28Updated 8 years ago
• bkimminich / webappsec-nutshell
  An ultra-compact intro (or refresher) to Web Application Security.
  ☆31Updated 6 years ago
• JacobReynolds / xssHunterExtension
  Chrome Extension for XSS Hunter Payloads
  ☆41Updated 8 years ago
• dxa4481 / Damn-Vulnerable-Redis-Container
  An example of obtaining RCE via Redis and CSRF
  ☆76Updated 8 years ago
• macubergeek / gitlist
  ☆44Updated 8 years ago
• securelayer7 / csv-injection-vulnerable-php-script-
  CSV injection Vulnerable Script.
  ☆29Updated 7 years ago
• vegabird / xvna
  Extreme Vulnerable Node Application
  ☆93Updated 6 years ago
• skahwah / automato
  automato should help with automating some of the user-focused enumeration tasks during an internal penetration test.
  ☆72Updated 5 years ago
• praetorian-inc / hashcatJS
  An implementation of the hashcat rules engine in javascript
  ☆47Updated 6 years ago