Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/profmoriarity/rexsser

This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
https://github.com/profmoriarity/rexsser

Last synced: about 14 hours ago
JSON representation

This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.

Host: GitHub
URL: https://github.com/profmoriarity/rexsser
Owner: profmoriarity
Created: 2020-11-02T05:06:00.000Z (about 4 years ago)
Default Branch: main
Last Pushed: 2020-11-05T16:51:38.000Z (almost 4 years ago)
Last Synced: 2024-08-01T10:17:16.207Z (3 months ago)
Language: Python
Size: 12.7 KB
Stars: 76
Watchers: 6
Forks: 15
Open Issues: 1
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-bugbounty-tools - rexsser - This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope. (Exploitation / XSS Injection)
awesome-hacking-lists - profmoriarity/rexsser - This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope. (Python)

README

        # rexsser

This is a burp plugin (python) that extracts keywords from response using regexes and test for reflected XSS on the target scope. Valid parameters reflected, vulnerable parameters are show in results in the rexsser extension tab.

### Regexes

 - extract all javascript 'var' names from response page

 - ...

 

### Screenshots

![img](https://i.imgur.com/e0USoLG.jpg)

### Requirements

- Jython

- BurpSuite

### Todo

- [ ] Add Multiple regexes to extract words (Example: input elements in the page response)

- [x] Content-Type filter

- [x] Scope checkbox

- [x] Process only given status-codes

- [x] Turn off/on