XSSCon is a simple XSS Scanner tool and a powerful XSS scanner made in python 3.7.
Installing
- Requirements:
BeautifulSoup4
pip install bs4
- Requests
pip install requests
- python 3.7
Commands:
git clone https://github.com/menkrep1337/XSSCon
chmod 755 -R XSSCon
cd XSSCon
python3 xsscon.py –help
Also Read – Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform
- Basic usage:
python3 xsscon.py -u http://testphp.vulnweb.com
- Advanced usage:
python3 xsscon.py –help
- crawling all links on a website ( crawler engine )
- POST and GET forms are supported
- many settings that can be customized
- ETC….
Roadmap
Added custom options ( –proxy, –user-agent etc… )
Added support for ( form method GET )
Improved Error handlingNow Multiple parameters for GET method is Supported
- Sorry for my bad english
- if you run xsscon on the win10 terminal you will get an untidy output
- now it doesn’t support DOM
