FIXME Le PAD pour proposer une amΓ©lioration Γ  cette page : https://pad.zenk-security.com/p/merci

Des outils pour scanner des XSS

XSS online scanner

πŸ›  Find xss online https://pentest-tools.com/website-vulnerability-scanning/xss-scanner-online#

πŸ›  Find xss online http://xss-scanner.com/

XSS webmail

πŸ›  Webmail XSS Tester - Excess2 https://www.gremwell.com/excess2_webmail_xss_tester

πŸ›  xss-webmail-fuzzer.py https://pastebin.com/xZQ3WfNS

XSS

πŸ›  XSS-Radar https://github.com/bugbountyforum/XSS-Radar

πŸ›  XSSHunter https://github.com/mandatoryprogrammer/xsshunter

πŸ›  xsshunter_client https://github.com/mandatoryprogrammer/xsshunter_client

πŸ›  Domxssscanner https://github.com/yaph/domxssscanner

πŸ›  BruteXSS https://github.com/rajeshmajumdar/BruteXSS

πŸ›  XSS'OR http://xssor.io/

πŸ›  Powerfull XSS Scanning and Parameter analysis tool&gem https://github.com/hahwul/XSpear

πŸ›  PwnXSS: Vulnerability (XSS) scanner exploit https://github.com/pwn0sec/PwnXSS

πŸ›  XSS Payloads The wonderland of JavaScript unexpected usages, and more. Much much more … http://www.xss-payloads.com

πŸ›  XSS Hunter Burp Plugin https://github.com/mystech7/Burp-Hunter

πŸ›  Automated blind-xss search for Burp Suite. Contribute to wish-i-was/femida development by creating an account on GitHub. https://github.com/wish-i-was/femida

πŸ›  DOM XSS scanner for Single Page Applications https://github.com/fcavallarin/domdig

πŸ›  Burp extension helps in finding blind xss vulnerabilities - BitTheByte/BitBlinder https://github.com/BitTheByte/BitBlinder

πŸ›  XSS explot kit/Blind XSS framework/BurpSuite extension - psych0tr1a/elScripto https://github.com/psych0tr1a/elScripto

πŸ›  This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. https://github.com/nVisium/xssValidator

πŸ›  Burp plugin able to find reflected XSS on page in real-time while browsing on site https://github.com/elkokc/reflector

πŸ›  Cross Site Scripting Recursive Scanner https://github.com/hdbreaker/XSS_SCANER

πŸ›  xsshunter https://github.com/mandatoryprogrammer/xsshunter

πŸ›  An automatic XSS discovery tool https://github.com/gbrindisi/xsssniper

πŸ›  Go Web Application Penetration Test https://github.com/dzonerzy/goWAPT

πŸ›  DOMXSS Scanner is an online tool to scan source code for DOM based XSS vulnerabilities https://github.com/yaph/domxssscanner

πŸ›  BruteXSS is a tool written in python simply to find XSS vulnerabilities in web application https://github.com/rajeshmajumdar/BruteXSS

πŸ›  XSpear: Powerfull XSS Scanning and Parameter Analysis tool https://haxf4rall.com/2019/07/27/xspear-powerfull-xss-scanning-and-parameter-analysis-tool/

πŸ›  XSSight – Automated XSS Scanner And Payload Injector https://gbhackers.com/xssight-automated-xss-scanner-and-payload-injector/

πŸ›  AbernathY-XSS https://twitter.com/andraxpentest/status/968634728512458753

πŸ›  XSSCon: Simple XSS Scanner tool https://github.com/menkrep1337/XSSCon

πŸ›  Use XSS automation Invade intranet : https://github.com/BlackHole1/WebRtcXSS

πŸ›  Cross-Site Scripting Bruteforcer : https://github.com/shawarkhanethicalhacker/BruteXSS

πŸ›  A small python script to check for Cross-Site Tracing : https://github.com/1N3/XSSTracer

πŸ›  A very simple reflected XSS scanner supports GET/POST : https://github.com/0x584A/fuzzXssPHP

πŸ›  Reflected XSS scanner https://github.com/chuhades/xss_scan

πŸ›  A plugin for browser that checks automatically whether a page haves XSS and CSRF vulnerabilities : https://github.com/BlackHole1/autoFindXssAndCsrf

πŸ›  XSS command line tool for testing lists of XSS payloads on web apps : https://github.com/shogunlab/shuriken

πŸ›  fuzz and bruteforce parameters for XSS,WAFs detect and bypass : https://github.com/s0md3v/XSStrike

πŸ›  A fully functional Cross-site scripting vulnerability scanner,supporting GET and POST parameters,and written in under 100 lines of code : https://github.com/stamparm/DSXS

πŸ›  The Prime Cross Site Request Forgery Audit and Exploitation Toolkit. https://github.com/0xInfection/XSRFProbe

πŸ›  XSS spider - 66/66 wavsep XSS detected https://github.com/DanMcInerney/xsscrapy

πŸ›  Cross Site β€œScripter” (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. https://github.com/epsylon/xsser

πŸ›  An automated XSS payload generator written in python. https://github.com/mandatoryprogrammer/xssless

πŸ›  XssPy - Web Application XSS Scanner https://github.com/faizann24/XssPy

πŸ›  XSSYA (Cross Site Scripting Scanner & Vulnerability Confirmation) https://github.com/yehia-mamdouh/XSSYA

πŸ›  XSSYA-V-2.0 (XSS Vulnerability Confirmation ) https://github.com/yehia-mamdouh/XSSYA-V-2.0

πŸ›  XSS Chef: A #web #application for generating custom #XSS #payloads. https://github.com/rastating/xss-chef

πŸ›  Vaya-ciego-nen is a tool that allows you to create your own webapp to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities. https://github.com/hipotermia/vaya-ciego-nen