Cleans HTML to avoid XSS attacks
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
A repository of JavaScript XSS attacks against client browsers
A python flask app that is purposefully vulnerable to SQL injection and XSS attacks. To be used for demonstrating attacks
A few SQL and XSS attack tools
XSSRocket it is a tool designed for offensive security and XSS (Cross-Site Scripting) attacks.
A java HttpServletRequestWrapper to guard against sql injection and xss attacks
Hack your friend's online MMORPG game - specific focus, csrf/xss attacks
Example code for tutorial: https://academind.com/learn/javascript/xss-cross-site-scripting-attacks/
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder
Faster xss scanner,support reflected-xss and dom-xss
XSS spider - 66/66 wavsep XSS detected
翻译 - XSS spider - 66/66 wavsep XSS detected
Universal and Transferable Attacks on Aligned Language Models
Awesome XSS stuff
翻译 - 很棒的XSS东西
一款用于探测并利用XSS漏洞的Python脚本
Secure XSS Filters.
Abusing Self-XSS and Clickjacking to trigger XSS
Exploitation for XSS
翻译 - XSS开发
A blind XSS detection and XSS data capture framework
phpMyAdmin XSS
Damn Small XSS Scanner
List of XSS Vectors/Payloads