Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ahmed-alnassif/pwnxss

PwnXSS: Vulnerability (XSS) scanner exploit
https://github.com/ahmed-alnassif/pwnxss

beautifulsoup4 exploit fake-useragent pwnxss python3 requests scanner security security-tools threads vulnerability xss xss-scanner

Last synced: 24 days ago
JSON representation

PwnXSS: Vulnerability (XSS) scanner exploit

Host: GitHub
URL: https://github.com/ahmed-alnassif/pwnxss
Owner: ahmed-alnassif
License: mit
Created: 2024-06-26T17:33:52.000Z (8 months ago)
Default Branch: main
Last Pushed: 2024-06-26T20:50:27.000Z (8 months ago)
Last Synced: 2024-11-16T03:18:27.284Z (3 months ago)
Topics: beautifulsoup4, exploit, fake-useragent, pwnxss, python3, requests, scanner, security, security-tools, threads, vulnerability, xss, xss-scanner
Language: Python
Homepage: https://cyber-wise.blogspot.com
Size: 1.05 MB
Stars: 1
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Powerful XSS Scanner - PwnXSS
# Description
PwnXSS is a powerful and versatile XSS (Cross-Site Scripting) scanner that provides a wide range of features to help security researchers and web developers identify and mitigate XSS vulnerabilities in web applications. Developed in Python 3, PwnXSS offers a user-friendly interface, advanced crawling capabilities, support for both GET and POST forms, and extensive customization options.

# Installing

## Requirements

python 3

## Installation Steps

```bash
git clone --depth=1 https://github.com/ahmed-alnassif/PwnXSS
chmod 755 -R PwnXSS
cd PwnXSS
python3 -m pip install -r requirements.txt
python3 pwnxss.py --help
```
## Usage
Basic usage:

```bash
python3 pwnxss.py -u http://testphp.vulnweb.com
```

Advanced usage:

```bash
python3 pwnxss.py --help
```

# Main Features

Crawls all links on a website (crawler engine)

Supports POST and GET forms

Highly customizable with many settings

Advanced error handling

Multiprocessing support

And more...

## Screenshot

## Roadmap

v0.3B:
------

Added custom options ( --proxy, etc... )

v0.3B Patch:
------

Added support for ( form method GET )

v0.4B:
------

Improved error handling

Added support for multiple parameters in GET method

v0.5 Release:
------
* Bug fixed
* Added support for cookies (--cookie {})
## v1.0 Release (Final):
------
* Issues fixed and further improvements made
* Added support for threads default 5 (--thread)
* Added support for random User-Agent (--random-user-agent)

## Notes
* When running PwnXSS on the Windows 10 terminal, the output may appear untidy.
* Currently, DOM (Document Object Model) support is not implemented.