XSS Payload Generator

Educational XSS payload library for security testing and learning.

Educational Purposes Only

These payloads are for authorized security testing and educational purposes only. Unauthorized use against systems you don't own or have permission to test is illegal.

Select Context

Payloads

Custom Payload Encoder

encoded output 

              

            

            
          

        


        

          

            
 About XSS

            
          

          

            

              
What is XSS?

              
Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users.

            

            

              
Types of XSS

              
    
                
  • Reflected XSS - Payload in URL/request
    • 
                
  • Stored XSS - Payload stored in database
    • 
                
  • DOM-based XSS - Payload manipulates DOM
    •