FIXME **Le PAD pour proposer une amΓ©lioration Γ  cette page :** https://pad.zenk-security.com/p/merci ====== Des outils pour scanner des XSS ====== **XSS online scanner** πŸ›  Find xss online https://pentest-tools.com/website-vulnerability-scanning/xss-scanner-online# πŸ›  Find xss online http://xss-scanner.com/ **XSS webmail** πŸ›  Webmail XSS Tester - Excess2 https://www.gremwell.com/excess2_webmail_xss_tester πŸ›  xss-webmail-fuzzer.py https://pastebin.com/xZQ3WfNS **XSS ** πŸ›  XSS-Radar https://github.com/bugbountyforum/XSS-Radar πŸ›  XSSHunter https://github.com/mandatoryprogrammer/xsshunter πŸ›  xsshunter_client https://github.com/mandatoryprogrammer/xsshunter_client πŸ›  Domxssscanner https://github.com/yaph/domxssscanner πŸ›  BruteXSS https://github.com/rajeshmajumdar/BruteXSS πŸ›  XSS'OR http://xssor.io/ πŸ›  Powerfull XSS Scanning and Parameter analysis tool&gem https://github.com/hahwul/XSpear πŸ›  PwnXSS: Vulnerability (XSS) scanner exploit https://github.com/pwn0sec/PwnXSS πŸ›  XSS Payloads The wonderland of JavaScript unexpected usages, and more. Much much more ... http://www.xss-payloads.com πŸ›  XSS Hunter Burp Plugin https://github.com/mystech7/Burp-Hunter πŸ›  Automated blind-xss search for Burp Suite. Contribute to wish-i-was/femida development by creating an account on GitHub. https://github.com/wish-i-was/femida πŸ›  DOM XSS scanner for Single Page Applications https://github.com/fcavallarin/domdig πŸ›  Burp extension helps in finding blind xss vulnerabilities - BitTheByte/BitBlinder https://github.com/BitTheByte/BitBlinder πŸ›  XSS explot kit/Blind XSS framework/BurpSuite extension - psych0tr1a/elScripto https://github.com/psych0tr1a/elScripto πŸ›  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. https://github.com/nVisium/xssValidator πŸ›  Burp plugin able to find reflected XSS on page in real-time while browsing on site https://github.com/elkokc/reflector πŸ›  Cross Site Scripting Recursive Scanner https://github.com/hdbreaker/XSS_SCANER πŸ›  xsshunter https://github.com/mandatoryprogrammer/xsshunter πŸ›  An automatic XSS discovery tool https://github.com/gbrindisi/xsssniper πŸ›  Go Web Application Penetration Test https://github.com/dzonerzy/goWAPT πŸ›  DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities https://github.com/yaph/domxssscanner πŸ›  BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application https://github.com/rajeshmajumdar/BruteXSS πŸ›  XSpear: Powerfull XSS Scanning and Parameter Analysis tool https://haxf4rall.com/2019/07/27/xspear-powerfull-xss-scanning-and-parameter-analysis-tool/ πŸ›  XSSight – Automated XSS Scanner And Payload Injector https://gbhackers.com/xssight-automated-xss-scanner-and-payload-injector/ πŸ›  AbernathY-XSS https://twitter.com/andraxpentest/status/968634728512458753 πŸ›  XSSCon: Simple XSS Scanner tool https://github.com/menkrep1337/XSSCon πŸ›  Use XSS automation Invade intranet : https://github.com/BlackHole1/WebRtcXSS πŸ›  Cross-Site Scripting Bruteforcer : https://github.com/shawarkhanethicalhacker/BruteXSS πŸ›  A small python script to check for Cross-Site Tracing : https://github.com/1N3/XSSTracer πŸ›  A very simple reflected XSS scanner supports GET/POST : https://github.com/0x584A/fuzzXssPHP πŸ›  Reflected XSS scanner https://github.com/chuhades/xss_scan πŸ›  A plugin for browser that checks automatically whether a page haves XSS and CSRF vulnerabilities : https://github.com/BlackHole1/autoFindXssAndCsrf πŸ›  XSS command line tool for testing lists of XSS payloads on web apps : https://github.com/shogunlab/shuriken πŸ›  fuzz and bruteforce parameters for XSS,WAFs detect and bypass : https://github.com/s0md3v/XSStrike πŸ›  A fully functional Cross-site scripting vulnerability scanner,supporting GET and POST parameters,and written in under 100 lines of code : https://github.com/stamparm/DSXS πŸ›  The Prime Cross Site Request Forgery Audit and Exploitation Toolkit. https://github.com/0xInfection/XSRFProbe πŸ›  XSS spider - 66/66 wavsep XSS detected https://github.com/DanMcInerney/xsscrapy πŸ›  Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. https://github.com/epsylon/xsser πŸ›  An automated XSS payload generator written in python. https://github.com/mandatoryprogrammer/xssless πŸ›  XssPy - Web Application XSS Scanner https://github.com/faizann24/XssPy πŸ›  XSSYA (Cross Site Scripting Scanner & Vulnerability Confirmation) https://github.com/yehia-mamdouh/XSSYA πŸ›  XSSYA-V-2.0 (XSS Vulnerability Confirmation ) https://github.com/yehia-mamdouh/XSSYA-V-2.0 πŸ›  XSS Chef: A #web #application for generating custom #XSS #payloads. https://github.com/rastating/xss-chef πŸ›  Vaya-ciego-nen is a tool that allows you to create your own webapp to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities. https://github.com/hipotermia/vaya-ciego-nen