A vast collection of security tools for bug bounty, pentest and red teaming
#xss



RedTeam_toolkit
Open source Django offensive webapp which is keeping the best tools used in the redteaming.







Cross-site scripting cheat sheet
PortSwigger XSS cheat sheet that contains many vectors that can help you bypass WAFs and filters.


PortSwigger Cross-Site Scripting cheatsheet data
All the XSS cheatsheet data to allow contributions from the community.




XSSwagger
A simple Swagger-ui scanner that can detect old versions vulnerable to various XSS attacks.




Xss-Sql-Fuzz
Burp Suite plugin for XSS and SQLi which add our payload to all parameters with one click.


Shadow Workers
C2 and proxy designed to help in the exploitation of XSS and malicious Service Workers.












xssValidator
A Burp Intruder extender designed for automation and validation of XSS vulnerabilities.



XSSer
Automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.







Ground control
A collection of scripts mainly for debugging SSRF, blind XSS, and XXE vulnerabilities.



BeEF
The Browser Exploitation Framework is a penetration testing tool that focuses on the web browser.






