XSStrike
XSStrike copied to clipboard
Reflection without HTML tags goes undetected
Is your feature request related to a problem? Please describe. A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
Describe the solution you'd like A clear and concise description of what you want to happen.
Additional context Add any other context or screenshots about the feature request here.
hello,I have a problem when i use this tool:
`root@kali:~/XSStrike# python3 xsstrike.py -u http://192.168.5.1/a.php?a=a
XSStrike v3.1.4
[~] Checking for DOM vulnerabilities [+] WAF Status: Offline [!] Testing parameter: a [!] Reflections found: 1 [~] Analysing reflections [~] Generating payloads [-] No vectors were crafted.`
please help me
This is not an error. It means XSStrike was unable to find a vulnerability.
Here is the code for my test file:
`<?php $a = $_GET['a']; echo $a;
?>`
I don't think this should fail to detect XSS vulnerabilities..
Thank you,I solved the problem when i use the HTML tags. The tools is good for finding XSS vulnerability,Hard to you.