testxss: PHP tool to test XSS

testxss

testxss

PHP tool to test XSS.
Note that this is an automated tool, a manual check is still required.

Download

git clone https://github.com/gwen001/testxss.git

Use

Usage: php testxss.php [OPTIONS]

Options:
-h, –help print this help

–burp export from Burp Suite (not implement yet)
–request source file of the orignal request
–single load a single url
–test file that contains a list of urls already payloaded (that means payload options will be ignored)
–urls file that contains a list of urls

–cookies set the cookie (overwrite all other cookies)
–force-cl force Content-Length header
–no-redir do not follow redirection
–ssl force https

–inject injection point, default=GPCHFU
G: GET parameters
P: POST parameters
C: Cookies
H: Headers
F: Fragment
U: Url (ending concatenation prepended by a slash ‘/’)
–inject-name inject in paramater name as well, default=disabled
G: GET parameters
P: POST parameters
C: Cookies
H: Headers
–gpg try to send GET params to POST and POST params to GET
–param name of a specific param/cookie/header to test

–payload set single payload or file, default='”><
–prefix prefix all payloads with a string, default is random string
–suffix suffix all payloads with a string, default is random string
–encode urlencode the payload, default=disabled
–replace replace the value of the parameter by the payload instead of concatenate at the end (only for GP)
–wish parse that string we want to find in the response

–no-test do not performed any test, list only the urls called
–phantom if you test XSS with phantomjs, full path to the executable
–sos stop on success
–threads number of threads, default=5
–no-color disable colors
–verbose level of verbose, default=0
0: everything
1: don’t display result details
2: display only vulnerable
3: display only vulnerable with details

Examples:
php testxss.php –single=”http://www.example.com/test.php?a=b” –payload=”xss'” –cookies=”PHPSESSID=elqopltf3rl25k7jkhi6drvvr9″
php testxss.php –request=export.burp –inject=GPCH –gpg –inject-name=GP
php testxss.php –urls=urls.txt –threads=10 –payload=payloads.txt –prefix=aaaaa –suffix=bbbbb

Source: https://github.com/gwen001/