The extension Firekeeper has already been mentioned in this thread. It's an Intrusion Detection and Prevention System for Firefox that detects a lot of attacks (including XSS attacks). I'm aware of the following blocklists (which are regularly updated) that can be used in Firekeeper: There are two lists on http://www.malware.com.br/ - a regular and an agressive one (I haven't tried the latter yet). Another list for Firekeeper can be found on http://doc.bleedingthreats.net/bin/view/Main/SnortConfSamples . Just copy the URL of the respective list, go to Preferences in Firekeeper, click "Add remote file" and paste the URL therein. It takes some seconds until the list is loaded. Click "enable". Firekeeper versions for Windows and Linux are available on http://firekeeper.mozdev.org/installation.html . You will have to add that site to the list of sites in Firefox which are allowed to install extensions. (Note: On a Linux machine you will probably get an update to Firekeeper version 0.3.1 after a while).