Open Redirection Analyzer
-
Updated
Mar 5, 2023 - Python
#
dom-xss
Here are 25 public repositories matching this topic...
OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
-
Updated
Jun 7, 2020 - Python
XSSB is a proactive DOM sanitizer, defending against client-side injection attacks!
-
Updated
Aug 26, 2018 - JavaScript
MIT license BRS-XSS is a modular Python CLI scanner for XSS vulnerabilities. Features context-aware payloads, WAF evasion, DOM analysis via Playwright, ML-based risk scoring, and export in HTML/JSON/SARIF. Designed for integration with Brabus Recon Suite (BRS).
security xss owasp cybersecurity penetration-testing bug-bounty web-security appsec dom-xss ethical-hacking security-automation security-tools vulnerability-scanner waf-bypass playwright brabus easyprotech
-
Updated
Jan 12, 2026 - Python
Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰
security scanner xss bug-bounty pentest dom-xss web-application-security pentest-tool web-application-security-scanner
-
Updated
Feb 27, 2024 - Shell
DOM-based XSS flaw where location.search is injected into the page via innerHTML, letting us execute arbitrary JavaScript.
-
Updated
Dec 12, 2025
DOM-based XSS where location.search is written into the page via innerHTML, letting us inject HTML and trigger alert(1) using an SVG onload payload.
-
Updated
Dec 4, 2025
DOM XSS in jQuery anchor href attribute sink using location.search source
-
Updated
Dec 12, 2025
xss-labs for learning web application security. Each lab demonstrates a different XSS vulnerability with interactive examples and solutions. Frontend-only, no server required.
xss labs cybersecurity penetration-testing dom-xss cross-site-scripting vapt tryhackme portswigger-labs cybersecurity-tools tryhackme-answers xss-labs reflected-xss abhinav-singwal cybersecurity-labs
-
Updated
Jun 7, 2026 - HTML
Discovering the JavaScript parameters for dom-xss
-
Updated
Jan 27, 2024 - Python
URDev’s Ultimate Injection Template is my personal payload collection: a comprehensive reference collection of web injection vectors, focused primarily on client-side execution surfaces in modern and legacy web applications.
reference injection xss html-injection bug-bounty educational web-security pentesting client-side dom-xss offensive-security security-research browser-security web-payloads waf-bypass manual-testing dom-analysis payload-collection parser-confusion browser-abuse
-
Updated
Apr 4, 2026
📦 Redirect Android app storage paths safely with easy APK and Zygisk module installs for real devices and emulators.
redis jquery-plugin django serverless storage scanner etcd edge post pentesting redirect-plugin dom-xss object-storage storage-cluster skopeo buildah podman open-redirections edge-config
-
Updated
Jun 12, 2026
A chrome extension to detect DOM changes and reflections to find XSS
-
Updated
Sep 22, 2025 - JavaScript
Advanced Cross-Site Scripting (XSS) vulnerability testing framework with WAF bypass, DOM XSS detection, and comprehensive reporting capabilities.
xss owasp cybersecurity penetration-testing bug-bounty web-security xss-detection dom-xss python-security security-scanner ethical-hacking security-automation security-tools web-application-security vulnerability-scanner cross-site-scripting hacking-tools waf-bypass stored-xss reflected-xss
-
Updated
Mar 15, 2025 - Python
Ultimate DOM Clobbering Cheat Sheet - 100+ exploitation vectors for XSS, CSP bypass, and client-side attacks. Covers browser compatibility, framework evasion, and real-world exploit chains for security researchers and bug bounty hunters
ssr hacking xss owasp cheatsheet penetration-testing web-security ctf bugbounty dom-xss offensive-security ethical-hacking htb hackthebox browser-exploitation dom-clobbering csp-bypass dom-hacking hydration-react dom-clobbering-cheatsheet
-
Updated
Dec 2, 2025
An extension to find possible parameters in a web page DOM
-
Updated
Sep 25, 2025 - JavaScript
Chrome DevTools extension for accelerating Trusted Types adoption with real-time CSP violation monitoring, sink analysis, policy generation, and developer-focused DOM XSS remediation workflows.
javascript content-security-policy web-security appsec dom-xss vulnerability-detection dompurify browser-security trusted-types secure-refactoring
-
Updated
May 14, 2026 - JavaScript
Web application penetration testing project against OWASP Juice Shop, covering SQL Injection, Reflected XSS, Stored XSS and DOM XSS with Burp Suite, evidence, findings and remediation.
xss owasp cybersecurity penetration-testing sql-injection web-security appsec dom-xss vulnerability-assessment juice-shop burp-suite security-report
-
Updated
Jun 12, 2026
BRS-KB is XSS Knowledge Base API
security xss owasp cybersecurity penetration-testing bug-bounty web-security knowledge-base dom-xss red-team cwe cvss contexts playwright waf-bypasses
-
Updated
Jan 10, 2026 - Python
Improve this page
Add a description, image, and links to the dom-xss topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the dom-xss topic, visit your repo's landing page and select "manage topics."