Tool to check reflecting params and paths in a bunch of URLs
Project description
Rxss
RXSS is a Python tool designed for detecting reflecting params and paths in a bunch of URLs which can lead to reflected Cross-Site Scripting (XSS) vulnerabilities. It utilizes multithreading and customizable payload injection.
Installation
Install RXSS from PyPI using pip:
pip install rxss
Usage
Command-Line Options
usage: rxss [-h] [-i] [-p] [-o] [-t] [-fr] [-maxr] [--timeout] [--ignore-base-url]
optional arguments:
-h, --help show this help message and exit
-i , --urls Path containing a list of URLs to scan
-p , --payload Payload you want to send to check reflection (default: rxss)
-o , --output Path of file to write output to (default: None)
-t , --threads Number of threads to use (default: 50)
-fr, --follow-redirects
Follow HTTP redirects (default: False)
-maxr , --max-redirects
Max number of redirects to follow per host (default: 5)
--timeout Timeout in seconds (default: 10)
--ignore-base-url Disable appending payloads to paths in base URLs (default: False)
--random-user-agent Use randomly selected HTTP User-Agent header value (default: False)
Examples
Scan URLs from a file hosts.txt with default settings:
rxss -i hosts.txt
Scan URLs with a custom payload and output results to output.txt:
rxss -i hosts.txt -p "<script>alert('XSS')</script>" -o output.txt
Acknowledgments
- Built with Python
- Utilizes Requests for HTTP requests
- qsreplace for query string manipulation
- Uses fake_useragent to parse arbitrary user-agent values
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file rxss-0.0.2.tar.gz.
File metadata
- Download URL: rxss-0.0.2.tar.gz
- Upload date:
- Size: 7.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
af9187db33dc15b9eb167212ca1474915b5a23fb52f572f65e1c94e362fcd1e0
|
|
| MD5 |
5b4e022bff43876eef228dbf99a9e514
|
|
| BLAKE2b-256 |
085e5182b973538ad776b413af972770ed69b4a54c414f4c0ed2ce4928ad65fb
|
File details
Details for the file rxss-0.0.2-py3-none-any.whl.
File metadata
- Download URL: rxss-0.0.2-py3-none-any.whl
- Upload date:
- Size: 8.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.0 CPython/3.11.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
685f67ef7b45b1aae259fe78d60b02b4648eda2a37b921ead5e21a37b0738578
|
|
| MD5 |
2f3780cc4be9878570c19bd84fad57d7
|
|
| BLAKE2b-256 |
6c01ac2182440d215cebe9df63c315d858dfd3baad60c4330e7829ff94223e90
|
