Alternatives and similar repositories for XSS:

Users that are interested in XSS are comparing it to the libraries listed below

• Xyntax / waf-bypass
  ☆60Updated 6 years ago
• cnotin / RazorVulnerableApp
  DO NOT USE: this is a vulnerable ASP.NET web app using Razor templating engine. The vulnerability is a Server-Side Template Injection (SS…
  ☆26Updated 4 years ago
• osamahamad / CVE-2020-9484-Mass-Scan
  CVE-2020-9484 Mass Scanner, Scan a list of urls for Apache Tomcat deserialization (CVE-2020-9484) which could lead to RCE
  ☆32Updated 4 years ago
• wallarm / fast-detects
  ☆43Updated 2 years ago
• mpgn / CVE-2019-7609
  RCE on Kibana versions before 5.6.15 and 6.6.0 in the Timelion visualizer
  ☆55Updated 5 years ago
• ihebski / XSS-Payloads
  Collection of XSS Payloads for fun and profit
  ☆172Updated 4 years ago
• Sjord / jwtdemo
  Practice hacking JWT tokens
  ☆113Updated 2 years ago
• xsuperbug / payloads
  ☆140Updated 6 years ago
• mansoorr123 / wp-file-manager-CVE-2020-25213
  https://medium.com/@mansoorr/exploiting-cve-2020-25213-wp-file-manager-wordpress-plugin-6-9-3f79241f0cd8
  ☆57Updated 4 years ago
• raystyle / BurpSuite_Pro_v1.7.32
  ☆25Updated 6 years ago
• ssl / scan4log4j
  Python script that sends CVE-2021-44228 log4j payload requests to url list
  ☆7Updated 3 years ago
• ThePacketBender / notes
  notes 2016-present
  ☆42Updated 4 years ago
• codewatchorg / Burp-UserAgent
  Automatically modify the User-Agent header in all Burp requests
  ☆55Updated 7 years ago
• blue1616 / monolith
  ☆19Updated 3 years ago
• w4fz5uck5 / Pentest-notes
  Pentest stuff
  ☆48Updated last year
• laconicwolf / Masscan-to-CSV
  Converts the Masscan XML output option (-oX) to a csv format.
  ☆56Updated 6 years ago
• PortSwigger / json-beautifier
  JSON Beautifier for Burp written in Java
  ☆39Updated 4 years ago
• HoangKien1020 / Joomla-SQLinjection
  Collection about PoC for sql injection on Joomla
  ☆30Updated 4 years ago
• andripwn / PayloadsAll
  A list of useful payloads and bypass for Web Application Security and Pentest/CTF
  ☆45Updated 5 years ago
• withdk / sqli-tools
  Blind SQL Injection (BSQLI) Data Exploration Tool
  ☆18Updated 8 years ago
• omurugur / OS_Command_Payload_List
  OS Command Injection Vulnerability Payload List
  ☆48Updated 4 years ago
• yavolo / Web-CTF-Cheatsheet
  Web CTF CheatSheet 🐈
  ☆33Updated 5 years ago
• xiaoxiaoleo / pentest-script
  Script for pentest
  ☆39Updated 4 years ago
• 21y4d / blindSQLi
  A python based blind SQL injection exploitation script
  ☆136Updated 5 years ago
• 0xAJ2K / CVE-2020-11022-CVE-2020-11023
  Little thing put together quickly to demonstrate this CVE
  ☆32Updated 2 years ago
• pimps / CVE-2018-7600
  Exploit for Drupal 7 <= 7.57 CVE-2018-7600
  ☆132Updated 6 years ago
• Mik317 / Not-XSSer
  Tool for test XSS vulnerabilities of a site
  ☆20Updated 6 years ago
• ArunBhandarii / Apache-Struts-0Day-Exploit
  Critical Remote Code Execution Vulnerability (CVE-2018-11776) Found in Apache Struts.
  ☆14Updated 4 years ago
• LandGrey / abuse-ssl-bypass-waf
  Bypassing WAF by abusing SSL/TLS Ciphers
  ☆312Updated 3 years ago
• h43z / dns-rebinding-tool
  dns rebind tool with custom scripts
  ☆83Updated last year