SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

A tool to check a bunch of URLs that contain reflecting params.

Wscan is a web security scanner that focuses on web security, dedicated to making web security accessible to everyone.

A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.

An exquisite dns&http log server for verify SSRF/XXE/RFI/RCE vulnerability

Go Web Application Penetration Test

An XSS reverse shell framework

堡塔云WAF，宝塔免费(free)的私有云网站应用防火墙(firewall)，基于docker/nginx/lua开发

Find All Parameters - Tool to crawl pages, find potential parameters and generate a custom target parameter wordlist

Browser-based XSS finder

go-xss is a module used to filter input from users to prevent XSS attacks

libinjection is a Golang port of the libinjection(https://github.com/client9/libinjection)

Go-sec-code is a project for learning Go vulnerability code.

(DOM-)XSS fuzzer based on phantomjs and go.

Blind XSS service alerting over slack or email

Open Source XSS exploitation tool. using http proxy to access the browser which executed js. [Engineering Experimental]

A super fast, allowlist-based HTML sanitizer