Web Application Security

PwnXSS – Vulnerability XSS Scanner Exploit

PwnXSS - Vulnerability XSS Scanner Exploit


A powerful XSS scanner made in python 3.7



  • BeautifulSoup4
pip install bs4
  • requests
pip install requests
  • python 3.7


git clone https://github.com/pwn0sec/PwnXSS
chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py --help 


Basic usage:

python3 pwnxss.py -u http://testphp.vulnweb.com

Advanced usage:

python3 pwnxss.py --help

Main features

  • crawling all links on a website ( crawler engine )
  • POST and GET forms are supported
  • many settings that can be customized
  • Advanced error handling
  • Multiprocessing support.
  • ETC….



  • Added custom options ( –proxy, –user-agent etc… )

v0.3B Patch:

  • Added support for ( form method GET )


  • Improved Error handling
  • Now Multiple parameters for GET method is Supported

v0.5 Release (Final):

  • Bug fixed
  • Now cookies is supported. (–cookie {})


  • Sorry for my bad english
  • if you run pwnxss on the win10 terminal you will get an untidy output
  • now it doesn’t support DOM

About the author

Mazen Elzanaty

Add Comment

Click here to post a comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: