XSSCon : Simple XSS Scanner Tool

XSSCon is a simple XSS Scanner tool and a powerful XSS scanner made in python 3.7.


  • Requirements: 


pip install bs4

  • Requests

pip install requests

  • python 3.7


git clone https://github.com/menkrep1337/XSSCon
chmod 755 -R XSSCon
cd XSSCon
python3 xsscon.py –help

Also Read – Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform


  • Basic usage:

python3 xsscon.py -u http://testphp.vulnweb.com

  • Advanced usage:

python3 xsscon.py –help

Main Features

  • crawling all links on a website ( crawler engine )
  • POST and GET forms are supported
  • many settings that can be customized
  • ETC….


  • v0.3B:

Added custom options ( –proxy, –user-agent etc… )

  • v0.3B Patch:

Added support for ( form method GET )

  • v0.4B:

Improved Error handlingNow Multiple parameters for GET method is Supported


  • Sorry for my bad english
  • if you run xsscon on the win10 terminal you will get an untidy output
  • now it doesn’t support DOM