🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

This WordPress plugin boosts your website's security by stopping Cross-Site Scripting (XSS) attacks. It blocks and encodes harmful characters in URLs, safely handles HTML in $_GET variables, and offers settings you can customize.

LazyXSS is a tool that can help you scan for reflected XSS, LFI without any effort.

Reflected XSS in the Medintux v2.16.000 can result in an attacker performing malicious actions to users who open a maliciously crafted link or third-party web page.

JAMXSS (Just A Monster XSS Scanner) is a proof-of-concept tool that uses machine learning to predict execution context and craft targeted payloads for reflected XSS. Unlike traditional scanners that blindly brute-force inputs, JAMXSS aims to demonstrate smarter, context-aware exploitation.

Reflected XSS in CyBroHttpServer v1.0.3 impacts users who open a maliciously crafted link or third-party web page.

CVE-2019-12460|Reflected XSS in WebPort-v1.19.1 impacts users who open a maliciously crafted link or third-party web page.

Test Reflected XSS with a list of payloads

the best tool of checking spacial characters in Parameters input .

Simple GET/POST xss fuzzer