FortifyJS is a library focused on delivering security headers for web applications within the JavaScript ecosystem

A Web application firewall to monitor, analyze and block traffic, built with Python

CVE-2023-29489 is a vulnerability to exploitable in cross-site scripting ( xss ) reflect the cpanel

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Adobe Experience Manager Childlist Selector - Cross-Site Scripting

CVE-2021-42558: Multiple Cross-Site Scripting in MITRE Caldera

Simple API for storing all incoming XSS requests and various XSS templates.

XssPy is a tool designed to help security researchers and ethical hackers identify potential Cross-Site Scripting (XSS) vulnerabilities in web applications. It automates the process of testing for XSS vulnerabilities by analyzing web pages and submitting payloads to check for any possible security issues.

Curso de OWASP Top 10: de Injections a monitoramento.

WSO2-2021-1261: Multiple Cross-Site Scripting in WSO2 ESB

Example Python script that demonstrates a simple example of a Cross-Site Scripting (XSS) exploit for educational purposes only. This script is intended to be used responsibly, for learning and understanding the security implications of XSS attacks, and should not be used for any illegal or unethical activities.

This is a project involving the setting up a penetration testing environment using Kali Linux and Metasploitable2 to practice and exploit common vulnerabilities such as SQL Injection, Command Injection, and Cross-Site Scripting (XSS). Tools used include Nmap, BurpSuite, and SQLmap.

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

Gemini-Web Vulnerability Detection (G-WVD) detecting web application vulnerabilities with deep learning

Content-Security-Policy in JavaScript, with validation and automatic hashes.

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail

xss-payload-list

A cross site scripting command and control notification server