xss
A fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS.
bluemonday takes untrusted user generated content as an input, and will return HTML that has been sanitised against an allowlist of approved HTML elements and attributes so that you can safely include the content in your web page.
NucleiFuzzer is a robust automation tool designed for efficiently detecting web application vulnerabilities, including XSS, SQLi, SSRF, and Open Redirects, leveraging advanced scanning and URL enumeration techniques.
A DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, SVG and MathML. DOMPurify works with a secure default, but offers a lot of configurability and hooks.
WebCopilot is an automation tool designed to enumerate subdomains of the target and detect bugs using different open-source tools.
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
Content Security Policy Reference.
The new Content-Security-Policy HTTP response header helps you reduce XSS risks on modern browsers by declaring which dynamic resources are allowed to load.
Most advanced XSS scanner. XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.
A comprehensive tutorial on cross-site scripting
Download Xelenium, Security Testing with Selenium for free. Hello Everyone,
Warm Greetings!!! Xelenium has become part of OWASP and you can find more information about Xelenium here: https://www.owasp.org/index.php/OWASP_Xelenium_Project
I have detailed the steps to follow on the OWASP page of Xelenium.
Cross Site "Scripter" is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.