Alternatives and similar repositories for xss-payload-list

Users that are interested in xss-payload-list are comparing it to the libraries listed below

• payloadbox / sql-injection-payload-list
  🎯 SQL Injection Payload List
  ☆5,880Updated last year
• payloadbox / command-injection-payload-list
  🎯 Command Injection Payload List
  ☆3,554Updated last year
• EdOverflow / bugbounty-cheatsheet
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,280Updated 2 years ago
• s0md3v / Arjun
  HTTP parameter discovery suite.
  ☆5,873Updated 7 months ago
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,852Updated 4 years ago
• EdOverflow / can-i-take-over-xyz
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,370Updated 8 months ago
• reddelexc / hackerone-reports
  Top disclosed reports from HackerOne
  ☆4,880Updated 3 weeks ago
• hahwul / dalfox
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆4,584Updated last week
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆3,286Updated 7 months ago
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,115Updated 5 months ago
• devanshbatham / Awesome-Bugbounty-Writeups
  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
  ☆5,349Updated 2 years ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,697Updated last year
• xmendez / wfuzz
  Web application fuzzer
  ☆6,297Updated last year
• projectdiscovery / subfinder
  Fast passive subdomain enumeration tool.
  ☆12,346Updated last week
• mandatoryprogrammer / xsshunter-express
  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
  ☆2,062Updated last year
• tomnomnom / waybackurls
  Fetch all the URLs that the Wayback Machine knows about for a domain
  ☆4,127Updated last year
• s0md3v / AwesomeXSS
  Awesome XSS stuff
  ☆5,002Updated 11 months ago
• streaak / keyhacks
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆5,796Updated last year
• kleiton0x00 / Advanced-SQL-Injection-Cheatsheet
  A cheat sheet that contains advanced queries for SQL Injection of all types.
  ☆3,053Updated 2 years ago
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆14,844Updated 5 months ago
• tomnomnom / assetfinder
  Find domains and subdomains related to a given domain
  ☆3,407Updated last year
• GerbenJavado / LinkFinder
  A python script that finds endpoints in JavaScript files
  ☆4,133Updated last year
• foospidy / payloads
  Git All the Payloads! A collection of web attack payloads.
  ☆3,838Updated 2 years ago
• lc / gau
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,584Updated 9 months ago
• jhaddix / tbhm
  The Bug Hunters Methodology
  ☆4,156Updated 2 years ago
• EnableSecurity / wafw00f
  WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
  ☆5,902Updated 3 weeks ago
• ngalongc / bug-bounty-reference
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆3,986Updated last year
• 0xInfection / Awesome-WAF
  Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥
  ☆6,894Updated last month
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,854Updated 3 years ago
• guelfoweb / knock
  Knock Subdomain Scan
  ☆4,063Updated 4 months ago