XSS game : Warning: You are entering the XSS game area.
HTML Purifier : HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS)...
XSS Filter Evasion Cheat Sheet - OWASP : This article is focused on providing application security testing professionals with a guide to assist in Cross Site Scripting testing.
Harpoon : CLI tool for open source and threat intelligence. Harpoon is a tool to automate threat intelligence and open source intelligence tasks. It is written ...
Wapiti : Wapiti allows you to audit the security of your web applications.
It performs "black-box" scans, i.e. it does not study the source code of the applica...
The following rules are intended to prevent all XSS in your application. While these rules do not allow absolute freedom in putting untrusted data into an HTML document, they should cover the vast majority of common use cases.