humblelad/Awesome-XSS-Payloads external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

humblelad/Awesome-XSS-Payloads

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/humblelad/Awesome-XSS-Payloads)

Close

humblelad / Awesome-XSS-PayloadsView on GitHubMore

• External links
• Readme badge

Exotic and uncommon XSS Vectors to hit the target as quickly as possible.

☆20May 27, 2020Updated 5 years ago

Alternatives and similar repositories for Awesome-XSS-Payloads

Users that are interested in Awesome-XSS-Payloads are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• sokaRepo / bugbounty

  View on GitHub
  WebApp for BugBounty Hunters
  ☆14Mar 24, 2017Updated 9 years ago
• hausec / Set-RBCDBytes

  View on GitHub
  ☆18Nov 24, 2020Updated 5 years ago
• rbagrov / SIPTools

  View on GitHub
  SIP Tools
  ☆14Sep 15, 2016Updated 9 years ago
• JoshMorrison99 / isXSS-Burp

  View on GitHub
  Passively check for XSS character encodings
  ☆18Mar 9, 2026Updated 2 weeks ago
• 0xAgun / All1

  View on GitHub
  Automated Recon Tool Installer
  ☆16Jun 29, 2022Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• thelikes / fuzznav

  View on GitHub
  parse ffuf & map endpoints to wordlists
  ☆21Feb 25, 2021Updated 5 years ago
• h1pmnh / h1reports

  View on GitHub
  A tool which allows HackerOne researchers to download their reports into a local, indexed, and searchable repository
  ☆19Sep 29, 2022Updated 3 years ago
• Micro0x00 / Bug-Bounty-Platforms

  View on GitHub
  Bug Bounty Platforms
  ☆26Oct 17, 2024Updated last year
• akincibor / SSRFexploit

  View on GitHub
  Extract metadata with SSRF (Server-Side Request Forgery)
  ☆16Jul 23, 2022Updated 3 years ago
• n0kovo / DomainDouche

  View on GitHub
  OSINT tool abusing SecurityTrails domain suggestion API to find potentially related domains by keyword and brute force.
  ☆26Mar 10, 2023Updated 3 years ago
• raskyer / razboynik

  View on GitHub
  Go command line app to exploit file upload vulnerability
  ☆12Feb 8, 2017Updated 9 years ago
• badchars / AzureAD-Pentest

  View on GitHub
  AzureAD Pentest
  ☆25Mar 24, 2022Updated 4 years ago
• hisxo / Wordlist

  View on GitHub
  Wordlists for Bug Bounty
  ☆23Aug 18, 2019Updated 6 years ago
• castilho101 / FuzzyGuard

  View on GitHub
  ☆16Mar 11, 2024Updated 2 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• dfir-it / supreme-backdoor-factory

  View on GitHub
  This repository contains additional files mentioned in the blog post
  ☆22Feb 26, 2019Updated 7 years ago
• Micro0x00 / Dark-Telegram

  View on GitHub
  ☆19Sep 1, 2022Updated 3 years ago
• threatexpress / procdot_sandbox

  View on GitHub
  ProcDot Malware Sandbox
  ☆26Jul 28, 2025Updated 8 months ago
• tr3ss / newclei

  View on GitHub
  A Go tool that gets the newest PRs from projectdiscovery/nuclei-templates.
  ☆55Jun 13, 2023Updated 2 years ago
• yehgdotnet / mobileptrepo

  View on GitHub
  Repository of various scripts related to Mobile PT. Copyrights and Licensing terms belong to respective owners.
  ☆12Nov 4, 2019Updated 6 years ago
• pry0cc / gorgo

  View on GitHub
  A multi-threaded password sprayer based on Medusa, built for distributed spraying.
  ☆36Oct 17, 2021Updated 4 years ago
• francisck / mwcrawler

  View on GitHub
  Updated Malware Crawler to populate repositories
  ☆10Jul 6, 2015Updated 10 years ago
• navisk13 / eJPT-resources

  View on GitHub
  A collection of lab reports of the Penetration Testing Student course by INE which prepares you for the eJPT.
  ☆50Jun 27, 2021Updated 4 years ago
• mlcsec / clovery

  View on GitHub
  Cloud Discovery - brute force public AWS, GCP, Alibaba, and Azure cloud services
  ☆24Jan 21, 2021Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• S12cybersecurity / Broke-Login

  View on GitHub
  Simple Python Modular Script to Broke Web Logins
  ☆15Oct 7, 2022Updated 3 years ago
• Findomain / fresh-resolvers

  View on GitHub
  List of fresh and validated DNS resolvers updated every 12h.
  ☆24Mar 22, 2026Updated last week
• bp0lr / dmut-resolvers

  View on GitHub
  public dns server list for dmut project
  ☆18Nov 30, 2023Updated 2 years ago
• akincibor / 403-bypass

  View on GitHub
  Enhanced 403 bypass header
  ☆21Sep 12, 2022Updated 3 years ago
• xitmakes / scope.sh

  View on GitHub
  ☆15Mar 21, 2025Updated last year
• jamesbcook / ducky_lsass_dump

  View on GitHub
  ☆12Sep 4, 2013Updated 12 years ago
• lem0nSec / ASM_World

  View on GitHub
  Offensive Assembly code snippets.
  ☆13Jul 12, 2023Updated 2 years ago
• bp0lr / dnsfaster

  View on GitHub
  Test the speed and reliability of a list of DNS servers
  ☆22Dec 9, 2020Updated 5 years ago
• daffainfo / bypass-403

  View on GitHub
  Go script for bypassing 403 forbidden
  ☆161Aug 6, 2021Updated 4 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• tamimhasan404 / Google-Dorks

  View on GitHub
  Speed-up your hunting with google dorks🚀🚀
  ☆21Sep 8, 2022Updated 3 years ago
• tamimhasan404 / Nmap-Cheat-Sheet

  View on GitHub
  Here I am trying to show you some cheat-sheet of nmap. Which may help you on penetration testing and bug hunting.
  ☆20Dec 20, 2021Updated 4 years ago
• Helixo32 / GetSystem-LCI

  View on GitHub
  GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…
  ☆36Nov 24, 2024Updated last year
• devanshbatham / dnsaudit

  View on GitHub
  A command-line utility for auditing DNS configuration using Zonemaster API
  ☆32Aug 21, 2023Updated 2 years ago
• hacksys-hub / hacksys_xss

  View on GitHub
  ☆23Sep 19, 2024Updated last year
• Devang-Solanki / recon.cloud

  View on GitHub
  recon.cloud is website that scans AWS, Azure and GCP public cloud footprint this GO tool only utilize its API for getting result to termi…
  ☆25Feb 11, 2023Updated 3 years ago
• h0tak88r / Wordlists

  View on GitHub
  A Collection of Wordlists for Penetration Testing
  ☆35Mar 13, 2026Updated 2 weeks ago