XSStrike
XSStrike copied to clipboard
Can you please support URLs with parameter values in selectors?
Great tool, but I have one problem using it with certain URLs:
It seems it expects URLs to must-include a URL parameter like: http://example.com/search.php?q=querystring
What is not supported currently are URLs that have the parameter in a selector, like http://example.com/search.querystring I get a "No parameters to test" message
Many sites have that URL format to allow for better caching and SEO. So is there a way to tell the script to replace "querystring" string in the URL with the attack payloads?
Thanks!