Home

Awesome

<h1 align="center"> <br> <a href="https://github.com/s0md3v/XSStrike"><img src="https://image.ibb.co/cpuYoA/xsstrike-logo.png" alt="XSStrike"></a> <br> XSStrike <br> </h1> <h4 align="center">Advanced XSS Detection Suite</h4> <p align="center"> <a href="https://github.com/s0md3v/XSStrike/releases"> <img src="https://img.shields.io/github/release/s0md3v/XSStrike.svg"> </a> <a href="https://travis-ci.com/s0md3v/XSStrike"> <img src="https://img.shields.io/travis/com/s0md3v/XSStrike.svg"> </a> <a href="https://github.com/s0md3v/XSStrike/issues?q=is%3Aissue+is%3Aclosed"> <img src="https://img.shields.io/github/issues-closed-raw/s0md3v/XSStrike.svg"> </a> </p>

multi xss

<p align="center"> <a href="https://github.com/s0md3v/XSStrike/wiki">XSStrike Wiki</a> • <a href="https://github.com/s0md3v/XSStrike/wiki/Usage">Usage</a> • <a href="https://github.com/s0md3v/XSStrike/wiki/FAQ">FAQ</a> • <a href="https://github.com/s0md3v/XSStrike/wiki/For-Developers">For Developers</a> • <a href="https://github.com/s0md3v/XSStrike/wiki/Compatibility-&-Dependencies">Compatibility</a> • <a href="https://github.com/s0md3v/XSStrike#gallery">Gallery</a> </p>

XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.

Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response with multiple parsers and then crafts payloads that are guaranteed to work by context analysis integrated with a fuzzing engine. Here are some examples of the payloads generated by XSStrike:

}]};(confirm)()//\
<A%0aONMouseOvER%0d=%0d[8].find(confirm)>z
</tiTlE/><a%0donpOintErentER%0d=%0d(prompt)``>z
</SCRiPT/><DETAILs/+/onpoINTERenTEr%0a=%0aa=prompt,a()//

Apart from that, XSStrike has crawling, fuzzing, parameter discovery, WAF detection capabilities as well. It also scans for DOM XSS vulnerabilities.

Main Features

Documentation

FAQ

Gallery

DOM XSS

dom xss

Reflected XSS

multi xss

Crawling

crawling

Fuzzing

fuzzing

Bruteforcing payloads from a file

bruteforcing

Interactive HTTP Headers Prompt

headers

Hidden Parameter Discovery

arjun

Contribution, Credits & License

Ways to contribute

Licensed under the GNU GPLv3, see LICENSE for more information.

The WAF signatures in /db/wafSignatures.json are taken & modified from sqlmap. I extracted them from sqlmap's waf detection modules which can found here and converted them to JSON.
/plugins/retireJS.py is a modified version of retirejslib.