DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

w3af: web application attack and audit framework, the open source web vulnerability scanner.

An XSS exploitation command-line interface and payload generator.

Build Content-Security-Policy headers from a JSON file (or build them programmatically)

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Tips on how to write exploit scripts (faster!)

An XSS Exploitation Tool

Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:

Helios: Automated XSS Testing

this repository is a docker containing some "XSS vulnerability" challenges and bypass examples.

phpMyAdmin XSS

Toolset for detecting reflected xss in websites

xss-payload-list

NLP model and tech for cyber security tasks

XsSCan | Web Application XSS Scanner | Coded By Sir.4m1R [Mr.Hidden]

xss vulnerability scanner and input fuzzing tool.

XSSearch is a comprehensive reflected XSS tool built on selenium framework in python language. It contains more than 3000 payloads for automating XSS attacks and validating XSS endpoint

Simple machine learning based web application firewall (WAF) created in python

Simple API for storing all incoming XSS requests and various XSS templates.