XSStrike icon indicating copy to clipboard operation
XSStrike copied to clipboard

Published 20 hours ago verified publisher icon s0md3v

Can you please support URLs with parameter values in selectors?

Open mbr-sn opened this issue 4 years ago • 0 comments

Great tool, but I have one problem using it with certain URLs:

It seems it expects URLs to must-include a URL parameter like: http://example.com/search.php?q=querystring

What is not supported currently are URLs that have the parameter in a selector, like http://example.com/search.querystring I get a "No parameters to test" message

Many sites have that URL format to allow for better caching and SEO. So is there a way to tell the script to replace "querystring" string in the URL with the attack payloads?

Thanks!

mbr-sn avatar Sep 19 '19 07:09 mbr-sn