XSSCon : Simple XSS Scanner Tool

XSSCon is a simple XSS Scanner tool and a powerful XSS scanner made in python 3.7.

Installing

  • Requirements:

BeautifulSoup4

pip install bs4

  • Requests

pip install requests

  • python 3.7

Commands:

git clone https://github.com/menkrep1337/XSSCon
chmod 755 -R XSSCon
cd XSSCon
python3 xsscon.py –help

Also Read – Rogue : An Extensible Toolkit Providing Penetration Testers An Easy-To-Use Platform

Usage

  • Basic usage:

python3 xsscon.py -u http://testphp.vulnweb.com

  • Advanced usage:

python3 xsscon.py –help

Main Features

  • crawling all links on a website ( crawler engine )
  • POST and GET forms are supported
  • many settings that can be customized
  • ETC….

Roadmap

  • v0.3B:

Added custom options ( –proxy, –user-agent etc… )

  • v0.3B Patch:

Added support for ( form method GET )

  • v0.4B:

Improved Error handlingNow Multiple parameters for GET method is Supported

Note

  • Sorry for my bad english
  • if you run xsscon on the win10 terminal you will get an untidy output
  • now it doesn’t support DOM
R K

Recent Posts

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

13 hours ago

MODeflattener – Miasm’s OLLVM Deflattener

MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…

13 hours ago

My Awesome List : Tools And Their Functions

"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…

13 hours ago

Chrome Browser Exploitation, Part 3 : Analyzing And Exploiting CVE-2018-17463

CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…

13 hours ago

Chrome Browser Exploitation, Part 1 : Introduction To V8 And JavaScript Internals

The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…

14 hours ago

Chrome Browser Exploitation, Part 3: Analyzing and Exploiting CVE-2018-17463

The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…

16 hours ago