XSStrike Advanced XSS Detection Suite
XSStrike Advanced XSS Detection Suite

XSStrike: Advanced XSS Detection Suite

XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.

Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response with multiple parsers and then crafts payloads that are guaranteed to work by context analysis integrated with a fuzzing engine. Here are some examples of the payloads generated by XSStrike:

}]};(confirm)()//\
<A%0aONMouseOvER%0d=%0d[8].find(confirm)>z
</tiTlE/><a%0donpOintErentER%0d=%0d(prompt)``>z
</SCRiPT/><DETAILs/+/onpoINTERenTEr%0a=%0aa=prompt,a()//

Apart from that, XSStrike has crawling, fuzzing, parameter discovery, WAF detection capabilities as well. It also scans for DOM XSS vulnerabilities.

Demo XSStrike
Demo XSStrike

Main Features

  • Reflected and DOM XSS scanning
  • Multi-threaded crawling
  • Context analysis
  • Configurable core
  • WAF detection & evasion
  • Outdated JS lib scanning
  • Intelligent payload generator
  • Handmade HTML & JavaScript parser
  • Powerful fuzzing engine
  • Blind XSS support
  • Highly researched work-flow
  • Complete HTTP support
  • Bruteforce payloads from a file
  • Powered by PhotonZetanize and Arjun
  • Payload Encoding

Documentation

FAQ

Gallery

DOM XSS

Screenshot DOM XSS
Screenshot DOM XSS

Reflected XSS

Screenshot Reflected XSS
Screenshot Reflected XSS

Crawling

Screenshot Crawling
Screenshot Crawling

Fuzzing

Screenshot Fuzzing
Screenshot Fuzzing

Bruteforcing payloads from a file

Bruteforcing payloads XSStrike
Bruteforcing payloads XSStrike

Interactive HTTP Headers Prompt

Screenshot Interactive HTTP Headers
Screenshot Interactive HTTP Headers

Hidden Parameter Discovery

Hidden Parameter Discovery
Hidden Parameter Discovery

Contribution, Credits & License

Ways to contribute

  • Suggest a feature
  • Report a bug
  • Fix something and open a pull request
  • Create a browser extension
  • Create a burp suite/zaproxy plugin
  • Help me document the code
  • Spread the word

Licensed under the GNU GPLv3, see LICENSE for more information.

The WAF signatures in /db/wafSignatures.json are taken & modified from sqlmap. I extracted them from sqlmap’s waf detection modules which can found here and converted them to JSON.
/plugins/retireJS.py is a modified version of retirejslib.

Más artículos
Remo Recover software para recuperar datos
Remo Recover: Recuperar datos en 4 pasos! [Windows]