Your personal XSS Wingman

Find reflected and DOM XSS by using a very fast and reliable scanner. Get started right now by signing up and claiming your free 14-day trial!

Get Started


Cross-Site Scripting (XSS) is one of the most common security vulnerabilities in modern web applications. XSS has evolved since the late '90s. Yet tools, specifically meant to detect this weakness, have not. Wingman is a command-line XSS scanner and aims to be more accurate, efficient, and thorough than what you would expect of automated solutions. We are slowly able to perfect the discovery process by focusing on this one problem. Wingman is ideal for bug bounty hunters, pentesters, and infosec professionals.


Easy To Use

Here are a few reasons why Wingman is so easy to use.

Great Design

Packed into a small, minimalistic binary for ease of use and portability.


Wingman automatically generates proof-of-concepts, making it simple to forward the issue and get it resolved.

Cross-Platform Availability

Available on Windows, MacOS and Linux.

Benefits We Offer

Wingman was designed with customizability, speed and efficiency in mind. It is the product of a well-researched and thought-out workflow.

Extremely Fast

Wingman can analyze responses and give results in less than a milisecond.

Best Of Both Worlds

Wingman can be fully automatic or an aid in guided fuzzing.


Wingman easily rivals popular alternatives with minimal false-positives and support for edge cases.

Constant Updates

Wingman is never finished and we will continue to make it better and add new features with free updates.


Find more features and details on our announcement blog post.

Chrome Mode

Quickly spawn a sandboxed Google Chrome session to find XSS as you browse. This mode will automatically submit the current page URL and HTML forms back to Wingman for scanning purposes.

Built-in Crawler

Sit back and let Wingman scan a list of URLs using a lightweight and fast crawler, built from the ground up.

Thorough Scans

Leave no stone unturned by scanning every possible injection point, including the URL Query, Path, and HTTP Request Body. Optionally you can configure Wingman to exclude any of these.

Generated Proof-Of-Concepts

Every discovered vulnerability should require some form of proof. Wingman automatically generates a Proof-Of-Concept that you can open in your browser to demonstrate the issue. Also available in JSON format.

Proxy Support

Combine Wingman with popular Man-In-The-Middle software such as Burp Suite, OWASP ZAP, and more.

Dynamic DOM Scanner

Wingman uses advanced taint-sink tracking techniques to discover DOM XSSes. Even in highly obfuscated code.

Choose Your Plan

All of this sounds great, but most importantly, it's affordable! Select a plan that suits your needs and claim your free 14-day trial.


Full access for professionals


Includes 21% VAT
  • Reflected XSS
  • (Dynamic) DOM XSS
  • Crawler
  • Guided scanning

What Our Customers Say

Here you can find a list of all the people satisfied with our product. Want to appear here as well? Tweet about us!