{"id":13542264,"url":"https://github.com/Jewel591/xssmap","last_synced_at":"2025-04-02T09:33:27.714Z","repository":{"id":159248862,"uuid":"175831038","full_name":"Jewel591/xssmap","owner":"Jewel591","description":"XSSMap 是一款基于 Python3 开发用于检测 XSS 漏洞的工具","archived":false,"fork":false,"pushed_at":"2020-08-20T01:25:41.000Z","size":239,"stargazers_count":260,"open_issues_count":0,"forks_count":52,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-11-03T07:33:15.624Z","etag":null,"topics":["penetration-testing","pentesting","python3","sqlmap","xss","xss-attacks","xss-detection","xss-exploitation","xss-scanner","xss-vulnerability"],"latest_commit_sha":null,"homepage":"https://github.com/Jewel591/xssmap","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Jewel591.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-03-15T14:02:17.000Z","updated_at":"2024-10-24T01:37:27.000Z","dependencies_parsed_at":"2023-06-11T03:45:39.658Z","dependency_job_id":null,"html_url":"https://github.com/Jewel591/xssmap","commit_stats":null,"previous_names":[],"tags_count":0,"template":true,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jewel591%2Fxssmap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jewel591%2Fxssmap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jewel591%2Fxssmap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jewel591%2Fxssmap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Jewel591","download_url":"https://codeload.github.com/Jewel591/xssmap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246789298,"owners_count":20834268,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["penetration-testing","pentesting","python3","sqlmap","xss","xss-attacks","xss-detection","xss-exploitation","xss-scanner","xss-vulnerability"],"created_at":"2024-08-01T10:01:03.649Z","updated_at":"2025-04-02T09:33:27.299Z","avatar_url":"https://github.com/Jewel591.png","language":"Python","readme":"2020.08.20 update\nThere are still a lot of bugs, so I'll take the time to fix them soon, so please keep updating.\n\n# XSSMAP\n\n![image.png](https://i.loli.net/2020/08/16/AxjZF1HVKT6RdBD.png)\n\n[![](https://img.shields.io/travis/com/Jewel591/xssmap)](https://travis-ci.com/github/Jewel591/xssmap) [![codecov](https://codecov.io/gh/Jewel591/xssmap/branch/master/graph/badge.svg)](https://codecov.io/gh/Jewel591/xssmap) [![](https://img.shields.io/badge/version-0.1.1-bule.svg)](https://img.shields.io/github/license/Jewel591/xssmap)\n[![](https://img.shields.io/badge/python-3.6-bule.svg)](https://www.python.org/) [![](https://img.shields.io/github/license/Jewel591/xssmap)](https://github.com/Jewel591/xssmap/tree/master) ![](https://img.shields.io/github/repo-size/Jewel591/xssmap) \n\n**Detect XSS vulnerability in  Web Applications**\n\n*Usage mimics sqlmap, and if you know sqlmap, you can easily handle xssmap!*\n\n- [中文介绍](https://github.com/Jewel591/xssmap/blob/master/docs/README_ZH.md)\n\n## Screenshots\n![image.png](https://i.loli.net/2020/08/16/dAWR9LIlFK2JS1Z.png)\n\n## Easy Installation\nAs simple as below, Just one line of code:\n```\ncurl -L https://raw.githubusercontent.com/Jewel591/xssmap/master/docs/install.sh|bash\n```\n\nIf you get a network error, such as Connection refused, use git clone to install：\n\n```\ngit clone -b master https://github.com/Jewel591/xssmap.git\ncd xssmap\npip3 install -r requirements.txt\n```\n\n## Usage Instructions\n`python3.6 xssmap.py -h`\n\n![image.png](https://i.loli.net/2020/08/16/ynsxozhfCp2wYLX.png)\n\nSupport POST and GET request methods, support parameter injection detection in cookie, referer, useragent fields\nFor example, test the returnUrl parameter in POST data:\n\n`python3.6 xssmap.py -u \"https://example.com/login.do\" --data=\"returnUrl=utest\" -p returnUrl` \n\n\n## Features\n1. Support url encoding bypass\n2. Support unicode encoding of HTML tag attribute value to bypass\n3. Support HTML encoding to bypass the HTML tag attribute value\n4. Support for flexible replacement of () '\"to bypass\n5. Case bypass\n\n## Contributing\n\nContributions, issues and feature requests are welcome!\n\nFeel to check [issues page](https://github.com/Jewel591/xssmap/issues)\n\nthanks for [@dwisiswant0](https://github.com/dwisiswant0)\n\n## Maintainers\n\n[@Jewel591](https://github.com/Jewel591)\n\n## Todo\n\n- [ ] DOM XSS Detect\n- [ ] Json XSS Detect\n\n\n## License\n\nMIT © Jewel591, Kyle\n\n\n\n","funding_links":[],"categories":["Exploitation","Python","Python (1887)"],"sub_categories":["XSS Injection"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJewel591%2Fxssmap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FJewel591%2Fxssmap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FJewel591%2Fxssmap/lists"}