Helios: Automated XSS Auditing

Features

• Comprehensive Scanning: Tests URL parameters, POST parameters, headers, and DOM content for XSS vulnerabilities.
• Multiple Browser Support: Compatible with both Firefox and Chrome for testing.
• Headless Mode: Option to run scans in headless browser mode for faster & traditional execution.
• Paralellised Scanning: Utilises multi-threading for efficient scanning of multiple targets.
• Customizable: Supports custom headers, cookies, and payload files.
• Crawling Capability: Can crawl websites to discover and test additional pages.
• Detailed Reporting: Provides comprehensive output with color-coded console logs and optional file output.
• DOM XSS Detection: Advanced detection of DOM-based XSS vulnerabilities.
• Payload Customization: Automatically customises payloads with unique identifiers for accurate detection.
• Tamper Techniques: WAF evasion techniques
• Detection of SQLi: Validates whether SQLi is also indicative within responses
• WAF Detection: The ability to detect a firewall running on a target, using behavioural and static checks

Key Capabilities

• URL parameter analysis & testing
• POST parameter analysis & testing
• DOM content analysis & testing
• Header testing
• External script analysis
• Crawling targets and depth control
• WAF Detection
• Tamper Techniques

Usage

pip install -r requirements.txt

python3 helios.py [target_url] [options] 

Example

python3 helios.py target.com -o output.txt --crawl

python3 helios.py -l targetlist.txt --payload-file xsspayloads.txt -o output.txt --crawl --headless --cookies "Name=abcdefg" --headers "X-Forwarded For: 127.0.0.1"

Use python helios.py --help for a full list of options and usage instructions.

POST Method XSS

DOM-Based XSS

Accurate Payload Detection

SQLI Detection

Scan Summaries

Future Development

• Enhance payload generation dependant on context of target
• Modular refactoring
• More 'smart' payloads for DOM XSS
• Getting gud

Note

Helios is currently in early stages of development. While it offers powerful scanning capabilities, users should be aware that it may contain bugs or limitations. Contributions and feedback are welcome to improve its functionality and reliability.

Disclaimer

This tool is for educational and ethical testing purposes only. Always obtain proper authorization before scanning any web applications or networks you do not own or have explicit permission to test.

Author

Created by @stuub