XSS-Freak is an xss scanner fully written in python3 from scratch. it is one of its kind since it crawls the website for all possible links and directories to expand its attack scope.
Then it searches them for inputs tags and then launches a bunch of xss payloads. if an inputs is not sanitized and vulnerable to xss attacks, the tool will discover it in seconds.
Requirements
How Does it Work?
First You Supply A Target Website To Scan And A List Which Contains Different XSS Payloads (better low amount and more effective and Least Detected Payloads) Then It Crawls The Main Website (Index Page) For Possible Links and Directories then it Crawls the Found Directories (if exist any) for additional links they weren’t found in the initial crawl and add them to its attack scope.
Then the tool will crawl all the links that were found in both in the initial scan and links from the directory For HTML INPUTS. Then the tool adds all the found HTML INPUTS to its attack scope.
Then the tool launches an ATTACK on all HTML INPUTS with the XSS payloads the user-provided from the list. if the HTML INPUT IS NOT SANITIZED PROPERLY and Filtered The Script Will Instantly Detect It and Will Print Out The Vulnerable Parameter.
Note: The Script Is Too Powerful For Old Computers.
Advantages
Disadvantages
The Mobile Evidence Acquisition Toolkit designed by BlackStone Discovery. Developed to enhance digital forensics, this…
Here are some tools that you can use for Social Media OSINT. In the ever-evolving…
Scoprite l'elenco completo delle distribuzioni di sistemi operativi per Windows, MacOS e Linux, specializzate in…
Social Analyzer - API, CLI, and Web App for analyzing & finding a person's profile…
cURL is a command line tool created in 1998 by Daniel Stenberg, a Swedish Developper/Programmer.Daniel Stenberg's…
bevigil-cli provides a unified command line interface and python library for using BeVigil OSINT API. BeVigil…