Excellent, functional XSS scanner that supports POST and GET parameters. It is written in Python and is no more than 100 lines of code.
It also supports HTTP proxies, and its options let you set the User-Agent, Referer and Cookie headers.
Usage and options:
$ python dsxs.py -h
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2d
by: Miroslav Stampar (@stamparm)
Usage: dsxs.py [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-u URL, --url=URL Target URL (e.g. "http://www.target.com/page.htm?id=1")
--data=DATA POST data (e.g. "query=test")
--cookie=COOKIE HTTP Cookie header value
--user-agent=UA HTTP User-Agent header value
--referer=REFERER HTTP Referer header value
--proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")
Usage example:
$ python dsxs.py -u "http://testphp.vulnweb.com/search.php?test=query" --data="searchFor=foobar"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2d
by: Miroslav Stampar (@stamparm)
* scanning GET parameter 'test'
* scanning POST parameter 'searchFor'
(i) POST parameter 'searchFor' appears to be XSS vulnerable (">.xss.<", outside of tags, no filtering)
scan results: possible vulnerabilities found
$ python dsxs.py -u "http://public-firing-range.appspot.com/address/location.hash/replace"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2d
by: Miroslav Stampar (@stamparm)
(i) page itself appears to be XSS vulnerable (DOM)
(o) ...<script>
var payload = window.location.hash.substr(1);location.replace(payload);
</script>...
(x) no usable GET/POST parameters found
scan results: possible vulnerabilities found
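What the "outside of tags, no filtering" result for 'searchFor' in the first scan means, and a regression check for the fix. This is an added example, not DSXS code and not from the original post; the two render functions, the page template and the marker are constructed stand-ins for a search page that echoes the parameter.

```python
import html
import re

SPECIAL = '<>"\''   # characters that matter when a value lands outside of tags
MARKER = "zq9x"     # constructed delimiter used to locate the reflection

# Constructed page template standing in for a search results page.
PAGE = "<html><body><h2>searched for: %s</h2></body></html>"


def render_unfiltered(search_for):
    # Echoes the parameter as-is: the behaviour the scan reported.
    return PAGE % search_for


def render_encoded(search_for):
    # Same page with HTML output encoding applied at the point of output.
    return PAGE % html.escape(search_for, quote=True)


def surviving_chars(render):
    """Return the special characters that come back unencoded in the response."""
    body = render(MARKER + SPECIAL + MARKER)
    match = re.search(re.escape(MARKER) + "(.*?)" + re.escape(MARKER), body, re.S)
    if match is None:
        return ""  # value is not reflected at all
    return "".join(c for c in SPECIAL if c in match.group(1))


if __name__ == "__main__":
    for name, render in (("unfiltered", render_unfiltered),
                         ("encoded", render_encoded)):
        left = surviving_chars(render)
        verdict = "no filtering: " + left if left else "all special characters encoded"
        print(name, "->", verdict)
```

A check like `surviving_chars` can run in a test suite against the real template so the finding stays fixed after later changes.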
Requirements:
– Python 2.6.x or 2.7.x
SRC:
Repo: https://github.com/stamparm/DSXS
I hope you find it useful!
ANTRAX