CheckXSS: Detect XSS vulnerability in Web Applications
Features
- URL encoding bypass
- Bypass using Unicode encoding of HTML tag attribute values
- Bypass using HTML encoding of HTML tag attribute values
- Flexible replacement of ( ) ' " to bypass
- Case bypass
Install
curl -L -s https://raw.githubusercontent.com/Jewel591/CheckXSS/master/docs/install.sh|bash
Use
Supports the POST and GET request methods, and parameter injection detection in the cookie, referer and useragent fields. For example, to test the returnUrl parameter in POST data:
python3.6 checkxss.py -u "https://example.com/login.do" --data="returnUrl=utest" -p returnUrl
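When a probe value such as the utest marker above comes back in a response from your own application, the finding that matters is where it was reflected and which of ( ) ' " < > the server left unencoded. The following is an added example, not CheckXSS code: it checks a saved response body offline, and the closing marker tsetu, the BREAKERS table and the sample body are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser

START, END = "utest", "tsetu"    # END is a hypothetical closing marker
CHARS = "()'\"<>"                # characters whose encoding is being checked
PROBE = START + CHARS + END      # value to submit in the tested parameter
# Simplified assumption: characters that end each context when reflected raw.
BREAKERS = {"attribute": "'\"", "text": "<", "script": "'\"<"}

class ContextFinder(HTMLParser):
    """Records, in document order, where each START marker is reflected."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.contexts, self.in_script = [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.in_script = True
        for _name, value in attrs:
            if value and START in value:
                self.contexts.append("attribute")

    def handle_endtag(self, tag):
        if tag == "script":
            self.in_script = False

    def handle_data(self, data):
        if START in data:
            self.contexts.append("script" if self.in_script else "text")

def analyse(body):
    """Return (context, unencoded_chars, needs_fix) for each reflection."""
    finder = ContextFinder()
    finder.feed(body)
    finder.close()
    # The raw text between the markers shows what the server left unencoded.
    raw_segments = re.findall(re.escape(START) + "(.*?)" + re.escape(END), body, re.S)
    report = []
    for context, raw in zip(finder.contexts, raw_segments):
        unencoded = "".join(c for c in CHARS if c in raw)
        report.append((context, unencoded, any(c in raw for c in BREAKERS[context])))
    return report

SAMPLE = (  # constructed response body, not output from a real application
    '<input name="returnUrl" value="utest()&#x27;&quot;&lt;&gt;tsetu">\n'
    '<p>Redirecting to utest()\'"<>tsetu</p>\n'
)

if __name__ == "__main__":
    for row in analyse(SAMPLE):
        print(row)
```

In the sample, the attribute reflection is correctly entity-encoded, while the text reflection returns < unencoded and is the one that needs contextual output encoding.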
Copyright (c) 2020 Jewel591
Source: https://github.com/Jewel591/