pwn0sec/PwnXSS

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/pwn0sec/PwnXSS)

pwn0sec / PwnXSS

PwnXSS: Vulnerability (XSS) scanner exploit

☆810

Alternatives and similar repositories for PwnXSS

Users that are interested in PwnXSS are comparing it to the libraries listed below

Sorting:

dwisiswant0 / findom-xss
View on GitHub
A fast DOM based XSS vulnerability scanner with simplicity.
☆855Sep 30, 2022Updated 3 years ago
capture0x / XSS-LOADER
View on GitHub
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
☆605Jul 25, 2023Updated 2 years ago
hahwul / XSpear
View on GitHub
🔱 Powerfull XSS Scanning and Parameter analysis tool&gem
☆1,357Updated this week
MindPatch / scant3r
View on GitHub
ScanT3r - Module based Bug Bounty Automation Tool ( use Lotus instead github.com/bugBlocker/lotus )
☆686Feb 22, 2026Updated last week
r0075h3ll / Oralyzer
View on GitHub
Open Redirection Analyzer
☆813Mar 5, 2023Updated 3 years ago
KathanP19 / Gxss
View on GitHub
A tool to check a bunch of URLs that contain reflecting params.
☆598Aug 4, 2024Updated last year
pikpikcu / XRCross
View on GitHub
XRCross is a Reconstruction, Scanner, and a tool for penetration / BugBounty testing. This tool was built to test (XSS|SSRF|CORS|SSTI|ID…
☆348Jun 17, 2023Updated 2 years ago
devanshbatham / OpenRedireX
View on GitHub
A fuzzer for detecting open redirect vulnerabilities
☆782Jul 1, 2024Updated last year
m8sec / subscraper
View on GitHub
Subdomain and target enumeration tool built for offensive security testing
☆936Jun 19, 2024Updated last year
ksharinarayanan / SSRFire
View on GitHub
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
☆970Dec 8, 2021Updated 4 years ago
dwisiswant0 / crlfuzz
View on GitHub
A fast tool to scan CRLF vulnerability written in Go
☆1,519Feb 23, 2026Updated last week
screetsec / Sudomy
View on GitHub
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hu…
☆2,339Jun 27, 2024Updated last year
luisfontes19 / xxexploiter
View on GitHub
Tool to help exploit XXE vulnerabilities
☆592Feb 4, 2023Updated 3 years ago
R0X4R / Garud
View on GitHub
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and…
☆802Jul 4, 2023Updated 2 years ago
v3n0m-Scanner / V3n0M-Scanner
View on GitHub
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
☆1,559Nov 14, 2023Updated 2 years ago
devanshbatham / ParamSpider
View on GitHub
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
☆3,012Jun 24, 2024Updated last year
KathanP19 / JSFScan.sh
View on GitHub
Automation for javascript recon in bug bounty.
☆1,069Sep 9, 2023Updated 2 years ago
s0md3v / Corsy
View on GitHub
CORS Misconfiguration Scanner
☆1,505Sep 17, 2022Updated 3 years ago
0xInfection / XSRFProbe
View on GitHub
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
☆1,281Feb 10, 2026Updated 3 weeks ago
nsonaniya2010 / SubDomainizer
View on GitHub
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
☆1,851May 20, 2024Updated last year
hahwul / dalfox
View on GitHub
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
☆4,859Updated this week
epsylon / xsser
View on GitHub
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications…
☆1,423Sep 17, 2024Updated last year
ssl / ezXSS
View on GitHub
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
☆2,244Jan 8, 2026Updated last month
SpiderLabs / HostHunter
View on GitHub
HostHunter a recon tool for discovering hostnames using OSINT techniques.
☆1,156Mar 30, 2023Updated 2 years ago
mzfr / liffy
View on GitHub
Local file inclusion exploitation tool
☆929Oct 1, 2025Updated 5 months ago
DanMcInerney / xsscrapy
View on GitHub
XSS spider - 66/66 wavsep XSS detected
☆1,739Jun 13, 2024Updated last year
Chudry / Xerror
View on GitHub
fully automated pentesting tool
☆518Dec 8, 2022Updated 3 years ago
theinfosecguy / QuickXSS
View on GitHub
Automating XSS using Bash
☆362Jan 27, 2026Updated last month
r3curs1v3-pr0xy / sub404
View on GitHub
A python tool to check subdomain takeover vulnerability
☆342Jan 6, 2023Updated 3 years ago
almandin / fuxploider
View on GitHub
File upload vulnerability scanner and exploitation tool.
☆3,300May 8, 2025Updated 9 months ago
lutfumertceylan / top25-parameter
View on GitHub
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
☆1,820Jun 9, 2024Updated last year
m4ll0k / BBTz
View on GitHub
BBT - Bug Bounty Tools (examples💡)
☆1,883Apr 5, 2024Updated last year
m4ll0k / Atlas
View on GitHub
Quick SQLMap Tamper Suggester
☆1,397Jul 18, 2022Updated 3 years ago
swisskyrepo / SSRFmap
View on GitHub
Automatic SSRF fuzzer and exploitation tool
☆3,489Sep 4, 2025Updated 6 months ago
1N3 / BlackWidow
View on GitHub
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
☆1,780Nov 24, 2024Updated last year
s0md3v / Parth
View on GitHub
Heuristic Vulnerable Parameter Scanner
☆601Jan 8, 2024Updated 2 years ago
Emoe / kxss
View on GitHub
This a adaption of tomnomnom's kxss tool with a different output format
☆517Sep 27, 2023Updated 2 years ago
skavngr / rapidscan
View on GitHub
The Multi-Tool Web Vulnerability Scanner.
☆1,976Aug 22, 2023Updated 2 years ago
robotshell / magicRecon
View on GitHub
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilitie…
☆1,029Jul 23, 2024Updated last year