Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/profmoriarity/rexsser
This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
https://github.com/profmoriarity/rexsser
Last synced: about 1 month ago
JSON representation
This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.
- Host: GitHub
- URL: https://github.com/profmoriarity/rexsser
- Owner: profmoriarity
- Created: 2020-11-02T05:06:00.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2020-11-05T16:51:38.000Z (about 4 years ago)
- Last Synced: 2024-08-01T10:17:16.207Z (4 months ago)
- Language: Python
- Size: 12.7 KB
- Stars: 76
- Watchers: 6
- Forks: 15
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-bugbounty-tools - rexsser - This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope. (Exploitation / XSS Injection)
- awesome-hacking-lists - profmoriarity/rexsser - This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope. (Python)
README
# rexsser
This is a burp plugin (python) that extracts keywords from response using regexes and test for reflected XSS on the target scope. Valid parameters reflected, vulnerable parameters are show in results in the rexsser extension tab.### Regexes
- extract all javascript 'var' names from response page
- ...
### Screenshots![img](https://i.imgur.com/e0USoLG.jpg)
### Requirements
- Jython
- BurpSuite### Todo
- [ ] Add Multiple regexes to extract words (Example: input elements in the page response)
- [x] Content-Type filter
- [x] Scope checkbox
- [x] Process only given status-codes
- [x] Turn off/on