0x01 About
XSStrike is a script for detecting and exploiting XSS vulnerabilities.
XSStrike currently offers the following features:
Parameter fuzzing after building a suitable payload
Exhaustive payload matching against parameters
Built-in crawler
Detects and attempts to bypass WAFs
Supports both GET and POST methods
Most payloads are carefully hand-crafted by the author
Low false positive rate
0x02 Download and install
Download: https://github.com/s0md3v/XSStrike
The latest version supports Python 3.
It runs on Windows and Linux.
After the download is complete, enter the XSStrike directory:
cd XSStrike
Next, install the dependency modules with the following command:
pip install -r requirements.txt
0x03 Usage
1. Test a web page that uses the GET method:
python3 xsstrike.py -u "http://example.com/search.php?q=query"
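To show what a scan of a page like this is actually looking for, here is an added Python example (not XSStrike's own code): a stand-in for the "search.php?q=query" endpoint that reflects q into the page unescaped, the same handler hardened with html.escape, and a reflection probe that reports which payload-relevant characters come back unencoded. The handler names, the marker string and the probe character set are assumptions chosen for illustration.

```python
import html
from urllib.parse import parse_qs, urlsplit


def _query_param(url: str, name: str) -> str:
    """Return one query-string parameter from a URL (empty string if absent)."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def vulnerable_search(url: str) -> str:
    # Constructed stand-in for the target page: q is concatenated straight into
    # the HTML, so any markup in it becomes part of the document.
    q = _query_param(url, "q")
    return f"<h1>Results for {q}</h1>"


def hardened_search(url: str) -> str:
    # Hardened form: HTML-escape the value before it lands in element text.
    # (html.escape is right for HTML text and attribute values only; a value
    # placed inside a script block or a URL needs that context's own encoding.)
    q = _query_param(url, "q")
    return f"<h1>Results for {html.escape(q, quote=True)}</h1>"


# Assumed marker and probe set: the marker locates the reflection in the
# response, and the probe characters are the ones a payload would need.
# The probe itself is inert; it contains no tags or event handlers.
MARKER = "zx9q"
PROBE_CHARS = "<>\"'/"


def reflection_report(handler, base_url: str) -> dict:
    """Send the probe through `handler` and report which probe chars survive unencoded."""
    probe = MARKER + PROBE_CHARS + MARKER
    # Left deliberately un-URL-encoded so the raw characters reach the handler.
    body = handler(f"{base_url}?q={probe}")
    start = body.find(MARKER)
    if start == -1:
        return {"reflected": False, "unencoded": ""}
    end = body.find(MARKER, start + len(MARKER))
    if end == -1:
        return {"reflected": True, "unencoded": ""}
    between = body[start + len(MARKER):end]
    unencoded = "".join(c for c in PROBE_CHARS if c in between)
    return {"reflected": True, "unencoded": unencoded}


if __name__ == "__main__":
    for name, handler in (("vulnerable", vulnerable_search), ("hardened", hardened_search)):
        print(name, reflection_report(handler, "http://example.com/search.php"))
```

Against the vulnerable handler every probe character is reflected as-is, which is the condition a payload needs; against the hardened handler only "/" survives, which on its own cannot break out of element text. Checking reflected characters before trying any real payload is also what keeps the false positive rate down: a parameter that is reflected but fully encoded is not exploitable in that context.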
2. Test POST data:
python3 xsstrike.py -u "http://example.com/search.php" --data "q=query"
python3 xsstrike.py -u "http://example.com/search.php" --data '{"q":"query"}' --json
3. Test the URL path:
python3 xsstrike.py -u "http://example.com/search/form/query" --path
4. Start crawling from the target page and test what is found:
python3 xsstrike.py -u "http://example.com/page.php" --crawl
You can specify the crawl depth with -l (the default is 2):
python3 xsstrike.py -u "http://example.com/page.php" --crawl -l 3
5. If you want to test a file of URLs, or just want to add seeds for the crawler, you can use the --seeds option:
python xsstrike.py --seeds urls.txt
6. Find hidden parameters:
Finds hidden parameters by parsing the HTML and brute-forcing parameter names:
python3 xsstrike.py -u "http://example.com/page.php" --params
7. Blind XSS: while crawling, use this option to inject the XSS payload into every parameter of every HTML form:
python3 xsstrike.py -u "http://example.com/page.php?q=query" --crawl --blind
8. Fuzzing: --fuzzer
The fuzzer is designed to test filters and web application firewalls; you can use the -d option to add a delay of 1 second between requests.
python3 xsstrike.py -u "http://example.com/search.php?q=query" --fuzzer
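From the server side, a filter or WAF fuzzing run like the one above shows up as one client sending many requests against a single parameter with markup characters in the value, some of them answered by the WAF and some reaching the application. Here is an added Python example (not part of XSStrike and not XSStrike's own traffic) that runs that heuristic over constructed access-log lines: the log sample, the IP addresses, the threshold and the "403 means blocked by the WAF" assumption are all illustrative.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines in Apache combined format (trimmed). 198.51.100.7
# is ordinary traffic, including a legitimate value containing a quote;
# 203.0.113.5 sends a burst of angle-bracket values at one parameter.
SAMPLE_LOG = """\
198.51.100.7 - - [10/Oct/2023:10:00:00 +0000] "GET /search.php?q=shoes HTTP/1.1" 200 512
203.0.113.5 - - [10/Oct/2023:10:00:01 +0000] "GET /search.php?q=query HTTP/1.1" 200 512
203.0.113.5 - - [10/Oct/2023:10:00:02 +0000] "GET /search.php?q=%3Cd3v%3E HTTP/1.1" 200 530
203.0.113.5 - - [10/Oct/2023:10:00:03 +0000] "GET /search.php?q=%22%3E%3Cd3v HTTP/1.1" 200 533
203.0.113.5 - - [10/Oct/2023:10:00:04 +0000] "GET /search.php?q=%27%3E%3Cd3v HTTP/1.1" 403 221
203.0.113.5 - - [10/Oct/2023:10:00:05 +0000] "GET /search.php?q=%3C%2Fd3v%3E HTTP/1.1" 403 221
203.0.113.5 - - [10/Oct/2023:10:00:06 +0000] "GET /search.php?q=%3Cd3v%20x%3E HTTP/1.1" 403 221
198.51.100.7 - - [10/Oct/2023:10:00:07 +0000] "GET /search.php?q=5%22%20monitor HTTP/1.1" 200 540
"""

# Client IP, request method, request target and status code from a combined-format line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line: str):
    """Split one log line into ip, path, URL-decoded query string and status (None if unparsable)."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m["target"].partition("?")
    return {"ip": m["ip"], "path": path, "query": unquote(query), "status": int(m["status"])}


def looks_like_markup_probe(query: str) -> bool:
    # Angle brackets almost never belong in a search term; quotes alone do
    # (sizes, names), so they are deliberately not enough on their own.
    return "<" in query or ">" in query


def scan_activity(log_text: str, threshold: int = 3) -> dict:
    """Per (client, path): number of markup probes, and how many the WAF blocked (403) vs passed."""
    stats = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not looks_like_markup_probe(rec["query"]):
            continue
        key = (rec["ip"], rec["path"])
        s = stats.setdefault(key, {"probes": 0, "blocked": 0, "passed": 0})
        s["probes"] += 1
        # Assumption for this sample: the WAF answers blocked requests with 403.
        s["blocked" if rec["status"] == 403 else "passed"] += 1
    return {k: v for k, v in stats.items() if v["probes"] >= threshold}


if __name__ == "__main__":
    for (ip, path), s in scan_activity(SAMPLE_LOG).items():
        print(f"{ip} {path}: {s['probes']} probes, {s['blocked']} blocked, {s['passed']} reached the app")
```

The "passed" count is the number worth alerting on: probes the WAF let through are exactly the filter bypasses the fuzzer is hunting for, so a client with several passed probes against one path is both a scan and evidence that the filter in front of that path is incomplete.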
9. Skip DOM scanning:
DOM XSS scanning can be skipped during a crawl to save time:
python3 xsstrike.py -u "http://example.com/search.php?q=query" --skip-dom
10. Update:
If you run XSStrike with the --update option, it will check for updates. If a newer version is available, XSStrike will download the update and merge it into the current directory without overwriting other files.
python3 xsstrike.py --update