Alternatives and similar repositories for XSSor

Users that are interested in XSSor are comparing it to the libraries listed below

• crawl3r / PortswiggerXSS
  gathers the XSS cheatsheet payloads and creates a usable wordlist
  ☆74Updated 5 years ago
• tarunkant / EndPoint-Finder
  Finds the End-Points in JavaScript files
  ☆97Updated 4 years ago
• ZephrFish / BurpFeed
  Hacked together script for feeding urls into Burp's Sitemap
  ☆93Updated last month
• BitTheByte / BitBlinder
  BurpSuite extension to inject custom cross-site scripting payloads on every form/request submitted to detect blind XSS vulnerabilities
  ☆116Updated 3 weeks ago
• codewatchorg / Burp-AnonymousCloud
  Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities
  ☆49Updated 3 years ago
• SaadAhmedx / Subdomain-Takeover
  ☆58Updated 2 years ago
• vavkamil / XSSwagger
  A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks
  ☆60Updated 6 years ago
• tomnomnom / burl
  A Broken-URL Checker
  ☆82Updated 8 years ago
• yesnet0 / bounty
  Misc bounty and vulndisc things
  ☆85Updated 5 years ago
• devanshbatham / awesome-bughunting-oneliners
  A list of Awesome Bughunting oneliners , collected from the various sources
  ☆69Updated 2 years ago
• gwen001 / myrecon.py
  My recon script
  ☆50Updated 6 years ago
• unstabl3 / recce
  Domain availbility checker
  ☆39Updated 4 years ago
• gwen001 / BBstats
  Bug Bounty statistics tool.
  ☆33Updated 3 years ago
• cujanovic / Virtual-host-wordlist
  Virtual host wordlist
  ☆51Updated 5 years ago
• 1ndianl33t / 1ndiList
  Recon Custom WordList Ganerator
  ☆58Updated 5 years ago
• InitRoot / fransRecon
  Script will enumerate domain name using horizontal enumeration, reverse lookup. Each horziontal domain will then be vertically enumerated…
  ☆31Updated 6 years ago
• ksharinarayanan / bash-hacks
  Handy bash and python scripts for bug bounty hunting!
  ☆47Updated 4 years ago
• cujanovic / subdomain-bruteforce-list
  subdomain bruteforce list
  ☆102Updated last year
• random-robbie / open-redirect
  Open Redirect Finder.
  ☆52Updated 2 months ago
• Damian89 / simple-oob-scanner
  Simple tool to test for SSRF/OOB HTTP Read within the Path of a request
  ☆30Updated 6 years ago
• 0xbharath / assets-from-spf
  A Python script to parse net blocks & domain names from SPF record
  ☆85Updated 5 years ago
• devpwn / xmlrpc-scan
  golang tool to scan domains or single domains with know security issues against xmlrpc
  ☆61Updated 2 years ago
• B3nac / bXSSRequest
  Literally spray blind xss payloads everywhere.
  ☆26Updated 3 years ago
• hahwul / XSS-Payload-without-Anything
  XSS Payload without Anything.
  ☆104Updated 6 years ago
• tdr130 / assetnote
  Push notifications for passive DNS data
  ☆110Updated 9 years ago
• darkc0d37 / wordlistsbyNahamsec
  ☆38Updated 6 years ago
• YashGoti / gal
  Get all possible href | src | url from target url or domain
  ☆40Updated 5 years ago
• fellchase / flumberboozle
  Suite of programs meant to aid in bug hunting and security assessments
  ☆79Updated 6 years ago
• hipotermia / vaya-ciego-nen
  Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.
  ☆40Updated 3 years ago
• InitRoot / BurpSQLTruncSanner
  Messy BurpSuite plugin for SQL Truncation vulnerabilities.
  ☆63Updated 5 years ago