humblelad/Awesome-XSS-Payloads external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

humblelad/Awesome-XSS-Payloads

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/humblelad/Awesome-XSS-Payloads)

Close

humblelad / Awesome-XSS-PayloadsView on GitHubMore

• External links
• Readme badge

Exotic and uncommon XSS Vectors to hit the target as quickly as possible.

☆20May 27, 2020Updated 6 years ago

Alternatives and similar repositories for Awesome-XSS-Payloads

Users that are interested in Awesome-XSS-Payloads are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• YouGina / wordlistweaver

  View on GitHub
  Quick tool to create custom wordlists like how fuzzers work
  ☆10Sep 29, 2023Updated 2 years ago
• sokaRepo / bugbounty

  View on GitHub
  WebApp for BugBounty Hunters
  ☆14Mar 24, 2017Updated 9 years ago
• kmindi / log4shell-vulnerable-app

  View on GitHub
  Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell.
  ☆13Dec 14, 2021Updated 4 years ago
• hausec / Set-RBCDBytes

  View on GitHub
  ☆18Nov 24, 2020Updated 5 years ago
• JoshMorrison99 / isXSS-Burp

  View on GitHub
  Passively check for XSS character encodings
  ☆19Mar 9, 2026Updated 2 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• 0xAgun / All1

  View on GitHub
  Automated Recon Tool Installer
  ☆16Jun 29, 2022Updated 3 years ago
• thelikes / fuzznav

  View on GitHub
  parse ffuf & map endpoints to wordlists
  ☆21Feb 25, 2021Updated 5 years ago
• h1pmnh / h1reports

  View on GitHub
  A tool which allows HackerOne researchers to download their reports into a local, indexed, and searchable repository
  ☆19Sep 29, 2022Updated 3 years ago
• lucky0luke / Bug-Bounty-Platforms

  View on GitHub
  Bug Bounty Platforms
  ☆26Oct 17, 2024Updated last year
• akincibor / SSRFexploit

  View on GitHub
  Extract metadata with SSRF (Server-Side Request Forgery)
  ☆16Jul 23, 2022Updated 3 years ago
• n0kovo / DomainDouche

  View on GitHub
  OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.
  ☆26Mar 10, 2023Updated 3 years ago
• raskyer / razboynik

  View on GitHub
  Go command line app to exploit file upload vulnerability
  ☆12Feb 8, 2017Updated 9 years ago
• badchars / AzureAD-Pentest

  View on GitHub
  AzureAD Pentest
  ☆25Mar 24, 2022Updated 4 years ago
• hisxo / Wordlist

  View on GitHub
  Wordlists for Bug Bounty
  ☆23Aug 18, 2019Updated 6 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• rmccrystal / window-overlay

  View on GitHub
  A window overlay written in Rust
  ☆14Apr 28, 2021Updated 5 years ago
• sabrinalupsan / pentesting-azure-ad

  View on GitHub
  A cheatsheet of commands used to pass the CARTP (Certified Azure Red Team Professional) exam.
  ☆25May 4, 2023Updated 3 years ago
• dfir-it / supreme-backdoor-factory

  View on GitHub
  This repository contains additional files mentioned in the blog post
  ☆22Feb 26, 2019Updated 7 years ago
• lucky0luke / Dark-Telegram

  View on GitHub
  ☆19Sep 1, 2022Updated 3 years ago
• threatexpress / procdot_sandbox

  View on GitHub
  ProcDot Malware Sandbox
  ☆26Jul 28, 2025Updated 10 months ago
• tr3ss / newclei

  View on GitHub
  A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.
  ☆55Jun 13, 2023Updated 2 years ago
• yehgdotnet / mobileptrepo

  View on GitHub
  Repository of various scripts related to Mobile PT. Copyrights and Licensing terms belong to respective owners.
  ☆12Nov 4, 2019Updated 6 years ago
• pry0cc / gorgo

  View on GitHub
  A multi-threaded password sprayer based on Medusa, built for distributed spraying.
  ☆37Oct 17, 2021Updated 4 years ago
• francisck / mwcrawler

  View on GitHub
  Updated Malware Crawler to populate repositories
  ☆10Jul 6, 2015Updated 10 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• navisk13 / eJPT-resources

  View on GitHub
  A collection of lab reports of the Penetration Testing Student course by INE which prepares you for the eJPT.
  ☆49Jun 27, 2021Updated 4 years ago
• mlcsec / clovery

  View on GitHub
  Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services
  ☆24Jan 21, 2021Updated 5 years ago
• S12cybersecurity / Broke-Login

  View on GitHub
  Simple Python Modular Script to Broke Web Logins
  ☆15Oct 7, 2022Updated 3 years ago
• Findomain / fresh-resolvers

  View on GitHub
  List of fresh and validated DNS resolvers updated every 12h.
  ☆24Updated this week
• akincibor / 403-bypass

  View on GitHub
  Enhanced 403 bypass header
  ☆21Sep 12, 2022Updated 3 years ago
• Dhamuharker / Xss-

  View on GitHub
  Awesome XSS Payloads
  ☆83Feb 24, 2016Updated 10 years ago
• xitmakes / scope.sh

  View on GitHub
  ☆15Mar 21, 2025Updated last year
• jamesbcook / ducky_lsass_dump

  View on GitHub
  ☆12Sep 4, 2013Updated 12 years ago
• lem0nSec / ASM_World

  View on GitHub
  Offensive Assembly code snippets.
  ☆13Jul 12, 2023Updated 2 years ago
• Deploy to Railway using AI coding agents - Free Credits Offer • Ad
  Use Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
• bp0lr / dnsfaster

  View on GitHub
  Test the speed and reliability of a list of DNS servers
  ☆22Dec 9, 2020Updated 5 years ago
• tamimhasan404 / Google-Dorks

  View on GitHub
  Speed-up your hunting with google dorks🚀🚀
  ☆21Sep 8, 2022Updated 3 years ago
• tamimhasan404 / Nmap-Cheat-Sheet

  View on GitHub
  Here I am trying to show you some cheat-sheet of nmap. Which may help you on penetration testing and bug hunting.
  ☆20Dec 20, 2021Updated 4 years ago
• Helixo32 / GetSystem-LCI

  View on GitHub
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆36Nov 24, 2024Updated last year
• devanshbatham / dnsaudit

  View on GitHub
  A command-line utility for auditing DNS configuration using Zonemaster API
  ☆32Aug 21, 2023Updated 2 years ago
• hacksys-hub / hacksys_xss

  View on GitHub
  ☆23Sep 19, 2024Updated last year
• vaishnavucv / CEHv13-notes

  View on GitHub
  a breakdown of the Certified Ethical Hacker (CEH v13) course modules along with their key objectives. These modules are structured to al…
  ☆24Jul 13, 2025Updated 10 months ago