XSSbase: A professional tool for scanning XSS vulnerabilities.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for GH05T-HUNTER5 from gravatar.com GH05T-HUNTER5 Avatar for mr-fidal from gravatar.com mr-fidal

Unverified details

These details have not been verified by PyPI
Project links

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Fidal

Tags xssbase, xss, vulnerability, scanning, mrfidal, cyber security

Classifiers

Project description

XSSbase

xssbase is a professional tool designed to help web developers scan for Cross-Site Scripting (XSS) vulnerabilities. It automates the process of testing web applications for XSS vulnerabilities by using a set of predefined payloads or custom payloads provided by the user.

Features

  • Automated XSS Testing: Scans web applications for XSS vulnerabilities using a list of predefined or user-specified payloads.
  • Platform Support: Currently supports Windows.
  • Custom Payloads: Allows users to provide their own payloads for testing.
  • Error Handling: Handles stale element reference errors gracefully and retries automatically.
  • Comprehensive Reports: Provides detailed information about detected XSS vulnerabilities.

Benefits

  • Time-Saving: Automates the tedious process of testing for XSS vulnerabilities, saving developers valuable time.
  • Improved Security: Helps in identifying and fixing XSS vulnerabilities, enhancing the overall security of web applications.
  • Customizable: Users can use their own payloads for testing, making it highly customizable for specific needs.

Payload List : Click

Installation

Currently, xssbase is only compatible with Windows. To install, use the following command:

pip install xssbase

Usage

Basic Usage

To test a URL for XSS vulnerabilities using the predefined payloads:

xssbase --url <URL>

Using Custom Payloads

To test a URL for XSS vulnerabilities using custom payloads from a file:

xssbase --url <URL> --payload <payload-file.txt>

Example

To test http://example.com for XSS vulnerabilities using predefined payloads:

xssbase --url http://example.com

To test http://example.com for XSS vulnerabilities using payloads from custom-payloads.txt:

xssbase --url http://example.com --payload custom-payloads.txt

Arguments

--url: The URL to test for XSS vulnerabilities (required). --payload: The file containing custom XSS payloads (optional).

License

This project is licensed under the MIT License. See the LICENSE file for details.

Disclaimer

This tool is intended for educational purposes and for use by web developers to secure their own applications. Unauthorized or malicious use is strictly prohibited.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for GH05T-HUNTER5 from gravatar.com GH05T-HUNTER5 Avatar for mr-fidal from gravatar.com mr-fidal

Unverified details

These details have not been verified by PyPI
Project links

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Fidal

Tags xssbase, xss, vulnerability, scanning, mrfidal, cyber security

Classifiers

Release history Release notifications | RSS feed

4.0.3

4.0.2

4.0.1

4.0.0

This version

3.0.6

3.0.5

3.0.4

3.0.3

3.0.1

2.0.9

2.0.8

2.0.7

2.0.6

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

1.0.9

1.0.8

1.0.7

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

xssbase-3.0.6.tar.gz (6.2 kB view hashes)

Uploaded Source

Built Distribution

xssbase-3.0.6-py3-none-any.whl (6.6 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page