https://github.com/adequatica/postman-xss-scanner
Use Postman Collection Runner as vulnerability scanner
https://github.com/adequatica/postman-xss-scanner
Last synced: 4 months ago
JSON representation
Use Postman Collection Runner as vulnerability scanner
- Host: GitHub
- URL: https://github.com/adequatica/postman-xss-scanner
- Owner: adequatica
- Created: 2019-07-28T17:25:20.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2021-01-16T04:44:10.000Z (over 5 years ago)
- Last Synced: 2025-06-24T00:36:04.122Z (12 months ago)
- Homepage: https://adequatica.medium.com/use-postman-collection-runner-as-vulnerability-scanner-aff7471c94fb
- Size: 20.5 KB
- Stars: 1
- Watchers: 1
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
## Use Postman Collection Runner as vulnerability scanner
Postman Collection sample and CSV data file of XSS vectors without commas and double quotes for article «[Use Postman Collection Runner as vulnerability scanner](https://adequatica.github.io/2019/07/28/use-postman-collection-runner-as-vulnerability-scanner.html)».
### How to use
1. Import collection to Postman;
2. Put your host in request URL field;
3. Open Collection Runner;
4. Select CSV data file;
5. Click [RUN].
### Read more
* [Intro to collection runs](https://learning.getpostman.com/docs/postman/collection_runs/intro_to_collection_runs/);
* [Looping through a data file in the Postman Collection Runner](https://blog.getpostman.com/2018/04/11/looping-through-a-data-file-in-the-postman-collection-runner/);
* [Working with data files](https://learning.getpostman.com/docs/postman/collection_runs/working_with_data_files/);
* [Test scripts](https://learning.getpostman.com/docs/postman/scripts/test_scripts/);
* [666 lines of XSS vectors, suitable for attacking an API](https://gist.github.com/JohannesHoppe/5612274);
* [Regular expression Denial of Service — ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS).