Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/profmoriarity/rexsser

This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
https://github.com/profmoriarity/rexsser

Last synced: about 1 month ago
JSON representation

This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.

Awesome Lists containing this project

README

        

# rexsser
This is a burp plugin (python) that extracts keywords from response using regexes and test for reflected XSS on the target scope. Valid parameters reflected, vulnerable parameters are show in results in the rexsser extension tab.

### Regexes
- extract all javascript 'var' names from response page
- ...

### Screenshots

![img](https://i.imgur.com/e0USoLG.jpg)

### Requirements
- Jython
- BurpSuite

### Todo

- [ ] Add Multiple regexes to extract words (Example: input elements in the page response)
- [x] Content-Type filter
- [x] Scope checkbox
- [x] Process only given status-codes
- [x] Turn off/on