Web Application Security

PwnXSS – Vulnerability XSS Scanner Exploit

PwnXSS - Vulnerability XSS Scanner Exploit

[sc name=”ad_1″]

A powerful XSS scanner made in python 3.7

Installing

Requirements:

  • BeautifulSoup4
pip install bs4
  • requests
pip install requests
  • python 3.7

Commands:

git clone https://github.com/pwn0sec/PwnXSS
chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py --help 

Usage

Basic usage:

python3 pwnxss.py -u http://testphp.vulnweb.com

Advanced usage:

python3 pwnxss.py --help

Main features

  • crawling all links on a website ( crawler engine )
  • POST and GET forms are supported
  • many settings that can be customized
  • Advanced error handling
  • Multiprocessing support.
  • ETC….

Roadmap

v0.3B:

  • Added custom options ( –proxy, –user-agent etc… )

v0.3B Patch:

  • Added support for ( form method GET )

v0.4B:

  • Improved Error handling
  • Now Multiple parameters for GET method is Supported

v0.5 Release (Final):

  • Bug fixed
  • Now cookies is supported. (–cookie {})

Note

  • Sorry for my bad english
  • if you run pwnxss on the win10 terminal you will get an untidy output
  • now it doesn’t support DOM


[sc name=”ad-in-article”]