Alternatives and similar repositories for xss-payload-list

Users that are interested in xss-payload-list are comparing it to the libraries listed below

• payloadbox / command-injection-payload-list
  🎯 Command Injection Payload List
  ☆3,588Updated last year
• payloadbox / sql-injection-payload-list
  🎯 SQL Injection Payload List
  ☆5,945Updated last year
• EdOverflow / bugbounty-cheatsheet
  A list of interesting payloads, tips and tricks for bug bounty hunters.
  ☆6,290Updated 2 years ago
• EdOverflow / can-i-take-over-xyz
  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
  ☆5,403Updated 8 months ago
• xmendez / wfuzz
  Web application fuzzer
  ☆6,316Updated last year
• aboul3la / Sublist3r
  Fast subdomains enumeration tool for penetration testers
  ☆10,653Updated last year
• s0md3v / Arjun
  HTTP parameter discovery suite.
  ☆5,905Updated 8 months ago
• ticarpi / jwt_tool
  A toolkit for testing, tweaking and cracking JSON Web Tokens
  ☆6,154Updated 5 months ago
• 1N3 / IntruderPayloads
  A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and…
  ☆3,857Updated 4 years ago
• mandatoryprogrammer / xsshunter-express
  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!
  ☆2,087Updated last year
• streaak / keyhacks
  Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
  ☆5,839Updated last year
• tomnomnom / waybackurls
  Fetch all the URLs that the Wayback Machine knows about for a domain
  ☆4,158Updated last year
• Tib3rius / AutoRecon
  AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
  ☆5,766Updated 5 months ago
• michenriksen / aquatone
  A Tool for Domain Flyovers
  ☆5,860Updated 3 years ago
• ffuf / ffuf
  Fast web fuzzer written in Go
  ☆14,968Updated 6 months ago
• reddelexc / hackerone-reports
  Top disclosed reports from HackerOne
  ☆4,940Updated 2 weeks ago
• lc / gau
  Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
  ☆4,617Updated 9 months ago
• fuzzdb-project / fuzzdb
  Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  ☆8,709Updated last year
• tomnomnom / assetfinder
  Find domains and subdomains related to a given domain
  ☆3,426Updated last year
• GerbenJavado / LinkFinder
  A python script that finds endpoints in JavaScript files
  ☆4,151Updated last year
• s0md3v / AwesomeXSS
  Awesome XSS stuff
  ☆5,008Updated 11 months ago
• hahwul / dalfox
  🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
  ☆4,617Updated this week
• The-Z-Labs / linux-exploit-suggester
  Linux privilege escalation auditing tool
  ☆6,220Updated last year
• rebootuser / LinEnum
  Scripted Local Linux Enumeration & Privilege Escalation Checks
  ☆7,657Updated 2 years ago
• snoopysecurity / awesome-burp-extensions
  A curated list of amazingly awesome Burp Extensions
  ☆3,298Updated 8 months ago
• devanshbatham / Awesome-Bugbounty-Writeups
  A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
  ☆5,371Updated 2 years ago
• tomnomnom / httprobe
  Take a list of domains and probe for working HTTP and HTTPS servers
  ☆3,059Updated last year
• 0dayCTF / reverse-shell-generator
  Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
  ☆3,626Updated 4 months ago
• arthaud / git-dumper
  A tool to dump a git repository from a website
  ☆2,304Updated 2 months ago
• ngalongc / bug-bounty-reference
  Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
  ☆3,999Updated last year