Source code for Hacker101.com - a free online web and mobile security class.

A list of resources for those interested in getting started in bug bounties

Most advanced XSS scanner.

一款完善的安全评估工具，支持常见 web 安全问题扫描和自定义 poc | 使用之前务必先阅读文档

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

lamp-cloud 支持jdk21、jdk17、jdk11、jdk8，ta基于 SpringCloud + SpringBoot 开发的微服务中后台快速开发平台，专注于多租户(SaaS架构)解决方案，亦可作为普通项目（非SaaS架构）的基础开发框架使用，目前已实现插拔式数据库隔离、SCHEMA隔离、字段隔离 等租户隔离方案。

Web-Security-Learning

Git All the Payloads! A collection of web attack payloads.

serve as a reverse proxy to protect your web services from attacks and exploits.

This repository holds all the list of advanced XSS payloads that can be used in penetration testing. These payloads can be loaded into XSS scanners as well.

Awesome XSS stuff

Web Application Security Scanner Framework

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:

Top disclosed reports from HackerOne

Collection of quality safety articles. Awesome articles.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns

XSS'OR - Hack with JavaScript.

A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.