NoXss: XSS Vulnerability

NoXss is a cross-site script vulnerability scanner. It is very fast and suitable for million urls.

Contents hide
Ubuntu
Centos
MacOS

Specifications

  • Fast and convenient for testing millions of URLs
  • Dom-based xss support (using Chrome or Phantomjs) and xss
  • Use only 8 payloads based on its location
  • Async request (use of gevent) and multiple editing
  • Support for individual url, file and traffic from Burpsuite
  • Traffic filter interface
  • Support special headers (referer,,customized token,eg)
  • Quickly support revan via id

Installation

Ubuntu

  • 1.apt-get install flex bison phantomjs
  • 2.pip install -r requirements.txt

Centos

  • 1.yum install flex bison phantomjs
  • 2.pip install -r requirements.txt

MacOS

  • 1.brew install grep findutils flex phantomjs
  • 2.pip install -r requirements.txt

Use

start.py –url url –save
python start.py –url url –cookie cookie –browser chrome –save
python start.py –url url –cookie cookie –browser chrome-headless –save
python start.py –file ./url.txt –save
python start.py –burp ./test.xml –save
python start.py –file file –filter

Options

–Url
–Id
–File
–Burp
–Process
–Coroutine
–Cookie
–Filter
–Browser
–Save
–Clear

Application snapshots

 

You can download it from here.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.087 registrants.

NoXssXSS

Written by Anastasis Vasileiadis

Translations are like women. When they are beautiful they are not faithful and when they are faithful they are not beautiful.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).