Cross-site scripting scanners

Usage

Cross-site scripting scanners are typically used for web application analysis.

Users for these tools include pentesters and security professionals.

Tools

Popular cross-site scripting scanners

Damn Small XSS Scanner (cross-site scripting scanner)

penetration testing, web application analysis

XSS Hunter (Cross-site scripting scanner)

penetration testing, software testing, vulnerability scanning

XSS Hunter helps with finding XSS attacks and trigger a warning when one is succesful. It exists as an online service, or self-hosted installation.

XSSER (Cross-site scripting scanner)

penetration testing, security assessment, web application analysis

XXSER helps to get from XSS to Remote Code Execution (RCE). It provides custom tools and payloads integrated with Metasploit's Meterpreter. The goal is to automate as much as possible.

XSStrike (XSS detection and exploitation suite)

application fuzzing, web application analysis

XSStrike is an XSS detection suite with the goal to reduce the false positives to zero. It can achieve this with its own fuzzing engine. The tool also allows generating custom payloads, which is rare within this line of tools.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.

Related topics

Looking for more specific topics within this tool group? Have a look at the following relevant topics.