🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.

An XSS exploitation command-line interface and payload generator.

Wordpress Attack Suite

JSshell - JavaScript reverse/remote shell

OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

From XSS to RCE 2.75 - Black Hat Europe Arsenal 2017 + Extras

An XSS reverse shell framework

Cross-site scripting labs for web application security enthusiasts

XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具

Shadow Workers is a free and open source C2 and proxy designed for penetration testers to help in the exploitation of XSS and malicious Service Workers (SW)

Session Hijacking Visual Exploitation

Collection of XSS Payloads for fun and profit

A list of useful payloads and Bypass for Web Application Security and Bug Bounty/CTF

Collect XSS vulnerable parameters from entire domain.

OWASP PTK - application security browser extension.

XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

Make XSS Great Again