A web application for generating custom XSS payloads
A web application for generating custom XSS payloads
XSS Chef is a small React.js application inspired by CyberChef, which provides users with a modular way to build JavaScript payloads to typically be used during penetration tests to demonstrate cross-site scripting vulnerabilities.
A live copy of the application can be found at https://rastating.github.io/xss-chef
The current set of recipes can be found below, along with a description of what they allow you to do:
href
attribute of all links on the page to point to a different URLyarn build
yarn build-dev
The unit tests can be run with jest: yarn jest
If you're interested in helping to improve XSS Chef, below are some of the key things that I'd like to add at some point: