XSS

Hacking Forums

XSS

Active since

November 2004

Dark web or clear web

Dark web and clear web

Predominant language

Russian

Known admins / moderators

Admin, Guron_18, Haunt, IIIIXX, Kerberos, Marcus52, Pernat1y, Quake3, R_as, Weaver

Originally known as DaMaGeLaB, XSS is one of the longest-running dark web forums.

The site rebranded from DaMaGeLaB to XSS around 2018, potentially due to the arrest of one of its administrators a year prior for their involvement in operating the Andromeda botnet. Its new name is a reference to the well known cross-site scripting web app vulnerability.

As with Exploit, XSS is very business-oriented, with sections on hacking, corporate access, database leaks, and even competitive intelligence.

XSS had previously acted as a recruitment and PR tool for Ransomware-as-a-Service (RaaS) schemes, although this content has been “banned” at certain times, presumably so the forum doesn’t attract too much unwanted attention from law enforcement.

In 2023 the forum appeared to trial an “XSSBot“, a forum chatbot that we suspect used ChatGPT to power its responses. Forum users asked the XSSBot for information about different malware strains, for tips on how to obfruscate code, and to write a rap – among other things.

The Beacon Newsletter

Get news, insights & intelligence straight to your inbox