
Jewel591 / Xssmap

Licence: mit
XSSMap is a tool developed in Python 3 for detecting XSS vulnerabilities

Projects that are alternatives of or similar to Xssmap

vulnerabilities
List of every possible vulnerability in computer security.
Stars: ✭ 14 (-89.55%)
Mutual labels:  xss, penetration-testing, pentesting
Hackvault
A container repository for my public web hacks!
Stars: ✭ 1,364 (+917.91%)
Mutual labels:  pentesting, xss
Flask Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-32.84%)
Mutual labels:  pentesting, penetration-testing
Active Directory Exploitation Cheat Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Stars: ✭ 1,392 (+938.81%)
Mutual labels:  pentesting, penetration-testing
Jwtxploiter
A tool to test security of json web token
Stars: ✭ 130 (-2.99%)
Mutual labels:  pentesting, penetration-testing
Pentest Notes
Collection of Pentest Notes and Cheatsheets from a lot of repos (SofianeHamlaoui,dostoevsky,mantvydasb,adon90,BriskSec)
Stars: ✭ 89 (-33.58%)
Mutual labels:  pentesting, penetration-testing
Vailyn
A phased, evasive Path Traversal + LFI scanning & exploitation tool in Python
Stars: ✭ 103 (-23.13%)
Mutual labels:  pentesting, penetration-testing
Red Team Curation List
A list to discover work of red team tooling and methodology for penetration testing and security assessment
Stars: ✭ 68 (-49.25%)
Mutual labels:  pentesting, penetration-testing
Shuriken
Cross-Site Scripting (XSS) command line tool for testing lists of XSS payloads on web apps.
Stars: ✭ 114 (-14.93%)
Mutual labels:  pentesting, xss
Scilla
🏴‍☠️ Information Gathering tool 🏴‍☠️ DNS / Subdomains / Ports / Directories enumeration
Stars: ✭ 116 (-13.43%)
Mutual labels:  pentesting, penetration-testing
Horn3t
Powerful Visual Subdomain Enumeration at the Click of a Mouse
Stars: ✭ 120 (-10.45%)
Mutual labels:  pentesting, penetration-testing
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-36.57%)
Mutual labels:  pentesting, penetration-testing
Gitjacker
🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+832.09%)
Mutual labels:  pentesting, penetration-testing
Eyes.sh
Lets you perform domain/IP information gathering... in BASH! Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?"
Stars: ✭ 89 (-33.58%)
Mutual labels:  pentesting, penetration-testing
Rsf
The Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-43.28%)
Mutual labels:  pentesting, penetration-testing
Security Scripts
A collection of public offensive and defensive security related scripts for InfoSec students.
Stars: ✭ 101 (-24.63%)
Mutual labels:  pentesting, penetration-testing
Learn Web Hacking
Study Notes For Web Hacking / Web Security Study Notes
Stars: ✭ 2,326 (+1635.82%)
Mutual labels:  pentesting, penetration-testing
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-53.73%)
Mutual labels:  pentesting, penetration-testing
Reconcat
A small PHP application to fetch archive URL snapshots from archive.org. Using it, you can fetch the complete list of snapshot URLs for any year, or for all available years. Made specially for penetration testing purposes.
Stars: ✭ 66 (-50.75%)
Mutual labels:  pentesting, penetration-testing
Oscp Prep
My OSCP prep collection
Stars: ✭ 105 (-21.64%)
Mutual labels:  pentesting, penetration-testing

2020.08.20 update: There are still a lot of bugs, so I'll take the time to fix them soon, so please keep updating.

XSSMAP

Detect XSS vulnerability in Web Applications

Usage mimics sqlmap: if you know sqlmap, you can easily handle xssmap!

Easy Installation

Installation takes just one line:

curl -L https://raw.githubusercontent.com/Jewel591/xssmap/master/docs/install.sh|bash

If you get a network error such as Connection refused, or want to review the code before running it, install with git clone instead:

git clone -b master https://github.com/Jewel591/xssmap.git
cd xssmap
pip3 install -r requirements.txt

Usage Instructions

python3.6 xssmap.py -h

XSSMap supports the POST and GET request methods, and can test parameters injected through the Cookie, Referer, and User-Agent fields. For example, to test the returnUrl parameter in POST data:

python3.6 xssmap.py -u "https://example.com/login.do" --data="returnUrl=utest" -p returnUrl

Features

  1. Supports URL-encoding bypass
  2. Supports bypass by Unicode-encoding HTML tag attribute values
  3. Supports bypass by HTML-encoding HTML tag attribute values
  4. Supports flexible replacement of ( ) ' " to bypass filters
  5. Case bypass

Contributing

Contributions, issues and feature requests are welcome!

Feel free to check the issues page.

Thanks to @dwisiswant0.

Maintainers

@Jewel591

Todo

  • [ ] DOM XSS detection
  • [ ] JSON XSS detection

License

MIT © Jewel591, Kyle
