https://github.com/s0md3v/xsstrike

Most advanced XSS scanner.
https://github.com/s0md3v/xsstrike

waf-detection xss xss-bruteforce xss-detection xss-exploit xss-python xss-scanner xsstrike

Last synced: about 1 year ago
JSON representation

Most advanced XSS scanner.

• Host: GitHub
• URL: https://github.com/s0md3v/xsstrike
• Owner: s0md3v
• License: gpl-3.0
• Created: 2017-06-26T07:24:44.000Z (almost 9 years ago)
• Default Branch: master
• Last Pushed: 2025-03-17T11:26:56.000Z (about 1 year ago)
• Last Synced: 2025-04-22T16:53:17.930Z (about 1 year ago)
• Topics: waf-detection, xss, xss-bruteforce, xss-detection, xss-exploit, xss-python, xss-scanner, xsstrike
• Language: Python
• Homepage:
• Size: 1.13 MB
• Stars: 13,851
• Watchers: 272
• Forks: 1,957
• Open Issues: 80
• Metadata Files:
  • Readme: README.md
  • Changelog: CHANGELOG.md
  • License: LICENSE

Awesome Lists containing this project

README

          


  


  

  


  XSStrike

  




Advanced XSS Detection Suite




  

    

  

  

    

  

  

      

  



![multi xss](https://image.ibb.co/gOCV5L/Screenshot-2018-11-19-13-33-49.png)



  XSStrike Wiki •

  Usage •

  FAQ •

  For Developers •

  Compatibility •

  Gallery



XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.

Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response with multiple parsers and then crafts payloads that are guaranteed to work by context analysis integrated with a fuzzing engine.

Here are some examples of the payloads generated by XSStrike:

```

}]};(confirm)()//\

z

z