Hi, I'm Ravi, a web application penetration tester. I built FindXSS out of a personal need I encountered frequently during bug hunting.
I wanted a centralized, easy-to-access place where I could quickly find categorized XSS payloads, test out ideas, and keep my techniques organized. As I curated more payloads and found patterns, I realized that this resource could be valuable to others in the cybersecurity community.
That's why I decided to make FindXSS public. My goal is to turn it into a useful learning and reference tool for fellow ethical hackers, pentesters, bug bounty hunters, and anyone passionate about web security.
This site is designed strictly for educational purposes. It's meant to support learning, enable safe and ethical testing, provide resources for bug bounty training, and aid in security research.
If you're learning about Cross-Site Scripting, testing web applications responsibly, or looking for a quick reference, I hope FindXSS saves you time and helps you explore the intricacies of XSS more deeply.
Important: This site does not promote hacking or illegal activity. It's built to raise awareness about web vulnerabilities so they can be understood and prevented.
You can connect with me via Email , follow on Twitter , or connect on LinkedIn .