https://github.com/dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
bugbounty bugbountytips findom-xss pentest pentesting xss xss-scanner
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/dwisiswant0/findom-xss
- Owner: dwisiswant0
- License: apache-2.0
- Created: 2020-04-11T15:45:46.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2022-09-30T06:49:20.000Z (about 2 years ago)
- Last Synced: 2024-08-01T10:17:13.009Z (4 months ago)
- Topics: bugbounty, bugbountytips, findom-xss, pentest, pentesting, xss, xss-scanner
- Language: Shell
- Homepage:
- Size: 29.3 KB
- Stars: 738
- Watchers: 26
- Forks: 107
- Open Issues: 2
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-bugbounty-tools - findom-xss - A fast DOM based XSS vulnerability scanner with simplicity. (Exploitation / XSS Injection)
- WebHackersWeapons - findom-xss - Tags: `xss`; platforms: Linux, macOS, Windows; language: Shell. (Weapons / Tools)
README
# FinDOM-XSS
[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/dwisiswanto/findom-xss/issues)
FinDOM-XSS is a tool that lets you quickly find possible and/or potential DOM-based XSS vulnerabilities.
---
### Installation
```
$ git clone https://github.com/dwisiswant0/findom-xss.git --recurse-submodules
```
**Dependencies:** [LinkFinder](https://github.com/GerbenJavado/LinkFinder)
### Usage
To run the tool on a target, just use the following command.
```
$ ./findom-xss.sh https://domain.tld/about-us.html
```
This will run the tool against `domain.tld`.
URLs can also be piped to findom-xss to scan them. For example:
```
$ cat urls.txt | ./findom-xss.sh
```
The second argument can be used to specify an output file.
```
$ ./findom-xss.sh https://domain.tld/about-us.html /path/to/output.txt
```
By default, output is stored in the `results/` directory of the repository, in a file named `domain.tld.txt`.
### License
**FinDOM-XSS** is licensed under the Apache License. Take a look at the [LICENSE](https://github.com/dwisiswant0/findom-xss/blob/master/LICENSE) for more information.
### Thanks
- [@dark_warlord14](https://twitter.com/dark_warlord14) - Inspired by the JSScanner tool, that's why this tool was made.
- [@aslanewre](https://twitter.com/aslanewre) - With possible patterns.
- [All Contributors](../../graphs/contributors)