XSStrike
Most advanced XSS scanner.
#### What does it implement/fix? Explain your changes. Fixed timeout errors in `requester.py`, `checker.py`. #### Where has this been tested? Python Version: 3.8 Operating System: ```bash PRETTY_NAME="Kali GNU/Linux Rolling" NAME="Kali...
We want to integrate XSStrike in our automated appsec pipeline. It would be nice if XSStrike would support testing all swagger endpoints or has the ability to test from...
I have realized that the application isn't able to scan websites that make use of javascript to render the requested query. #### What does it implement/fix? Explain your changes. I...
#### What does it implement/fix? Explain your changes. It adds a parameter `--write-payloads PAYLOADS_FILE` which writes the payloads generated by `scan` to the given file. This is useful in order...
Hi. I can often see the following errors. Thanks. ``` Traceback (most recent call last): File "xsstrike.py", line 167, in scan(target, paramData, encoding, headers, delay, timeout, skipDOM, find, skip) File...
**Is your feature request related to a problem? Please describe.** We have a static parameter the session id. So we must keep this parameter on each request. The scanner should...
Hi mate! Is there an update about issues #206 and #191? Did you do this feature? If yes, what are the parameters I need to write to call this...
Currently only a single payload is supported. After this change, users can configure a single value, or a tuple with multiple values, in the configuration file. #### What does it...
**Description** XSStrike misses XSS if the server redirects because of lack of cookies. During testing XSStrike on DVWA I've noticed that XSStrike could not find simple XSS on vulnerabilities/xss_r/?name=payloadHere. So...
Hello, I get the following error on a particular site. I sent a poc by your email. ``` XSStrike v3.1.4 [+] WAF Status: Offline [!] Testing parameter: cat [!] Reflections...