Skip to content
/ XSS-Finder-for-PortSwigger Public

Performs brute-force on URLs to identify cross-site scripting vulnerabilities.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

yaranawr/XSS-Finder-for-PortSwigger

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
xssfinderforps.py
xssfinderforps.py
 
 

Repository files navigation

XSS Finder for PortSwigger

Script created for the PortSwigger lab "Reflected XSS into HTML context with most tags and attributes blocked"

This script performs brute-force on URLs to identify cross-site scripting vulnerabilities.

Usage:

Clone this repository, then install requests with pip3 install requests or python3 -m pip install requests.

To use this script, place the words you want to test in a file named wordlist.txt in the same directory and use the word FUZZ in the lab URL. "FUZZ" will be replaced by the words from your wordlist for the bruteforce. Remember to keep URL encoded.

For example, if you want to test <FUZZ> (so that FUZZ is replaced by head, img, etc.), make it URL encoded as in the example:

python3 xssfinderforps.py https://lab-url/%3CFUZZ%3E

About

Performs brute-force on URLs to identify cross-site scripting vulnerabilities.

Topics

python xss python3 requests xss-vulnerability xss-detection web-attack portswigger

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages