Alternatives and similar repositories for xss-labs:

Users that are interested in xss-labs are comparing it to the libraries listed below

• 1hack0 / bug-bounty-101
  Happy Hunting
  ☆137Updated 5 years ago
• owtf / wafbypasser
  ☆78Updated 10 years ago
• C1h2e1 / Recon
  Easy Fast recon script
  ☆29Updated 5 years ago
• p3n73st3r / Ghazi
  Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…
  ☆109Updated 5 years ago
• PortSwigger / j2ee-scan
  J2EEScan is a plugin for Burp Suite Proxy. The goal of this plugin is to improve the test coverage during web application penetration tes…
  ☆73Updated 3 years ago
• jas502n / CVE-2019-11580
  CVE-2019-11580 Atlassian Crowd and Crowd Data Center RCE
  ☆105Updated 5 years ago
• gh0stkey / JSONandHTTPP
  Burp Suite Plugin: Convert the json text that returns the body into HTTP request parameters.
  ☆99Updated 3 years ago
• Q2h1Cg / xss_scan
  XSS Scan
  ☆104Updated 11 years ago
• jiangsir404 / Xss-Sql-Fuzz
  burpsuite 插件对GP所有参数(过滤特殊参数)一键自动添加xss sql payload 进行fuzz
  ☆61Updated 6 years ago
• Lopseg / Jsdir
  Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.
  ☆118Updated 4 years ago
• 7kbstorm / Red-Teaming-Toolkit
  A collection of open source and commercial tools that aid in red team operations.
  ☆37Updated 6 years ago
• CHYbeta / WAF-Bypass
  WAF Bypass Cheatsheet
  ☆210Updated 7 years ago
• jas502n / cve-2019-2618
  Weblogic Upload Vuln(Need username password)-CVE-2019-2618
  ☆172Updated 5 years ago
• PortSwigger / authz
  ☆107Updated 7 years ago
• summitt / burp-ysoserial
  YSOSERIAL Integration with burp suite
  ☆163Updated 2 years ago
• NytroRST / XSSFuzzer
  XSS Fuzzer is a tool which generates XSS payloads based on user-defined vectors and fuzzing lists.
  ☆140Updated 5 years ago
• arbazkiraak / web-cache-deception-checker
  Tool is to check for Cache Deception Attack Both For Authenticated and UnAuthenticated Pages
  ☆43Updated 3 years ago
• nixawk / fuzzdb
  Web Fuzzing Discovery and Attack Pattern Database
  ☆113Updated 6 years ago
• wooyin / KeywordHunter
  A Burp-Extension can hunt some keywords that might leak sensitive information.
  ☆26Updated 5 years ago
• CHYbeta / php_bugs
  PHP代码审计分段讲解
  ☆26Updated 7 years ago
• jas502n / CVE-2019-12409
  Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")
  ☆103Updated 5 years ago
• sdsecurity / pooltest
  网上收集的一些利用工具
  ☆18Updated last year
• g0rx / Drupal-SA-CORE-2019-003
  CVE-2019-6340-Drupal SA-CORE-2019-003
  ☆32Updated 5 years ago
• az0ne / jboss_autoexploit
  JBoss JMXInvokerServlet JMXInvoker 0.3 - Remote Command Execution​ 漏洞批量检测
  ☆68Updated 9 years ago
• aipengjie / sensitivefilescan
  ☆182Updated last year
• jas502n / CVE-2019-0232
  Apache Tomcat Remote Code Execution on Windows - CGI-BIN
  ☆77Updated 5 years ago
• m6a-UdS / ssrf-lab
  Lab for exploring SSRF vulnerabilities
  ☆245Updated 3 years ago
• pyn3rd / CVE-2019-0232
  Apache Tomcat Remote Code Execution on Windows
  ☆184Updated 5 years ago
• 5up3rc / NagaScan
  NagaScan is a distributed passive scanner for Web application.
  ☆90Updated 7 years ago