Cross site scripting

XSS

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user.

Getting Your XSS to Work

Turning self XSS to reflected

Brute XSS blog

Some good resources for XSS

XSS Tools:

Brute XSS

GUI Tool written in Python

XSS-Radar

A Chrome extension for finding XSS

domxssscanner

A tool to find DOM based XSS

For Manual Testing you can use payloads in here