HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

XSpear - Powerfull XSS Scanning And Parameter Analysis Tool

Status
Not open for further replies.
itsMe

itsMe

*KillmeMories*
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Jan 8, 2019
Messages
56,623
Solutions
2
Reputation
32
Reaction score
100,456
Points
2,313
Credits
32,750
‎6 Years of Service‎
 
76%
2.png


XSpear - Powerfull XSS Scanning And Parameter Analysis Tool

Key features

Pattern matching based XSS scanning

  •     Detect alert confirm prompt event on headless browser (with Selenium)
  •     Testing request/response for XSS protection bypass and reflected params
  •     Reflected Params
  •     Filtered test event handler HTML tag Special Char
  •     Testing Blind XSS (with XSS Hunter , ezXSS, HBXSS, Etc all url base blind test...)
  •     Dynamic/Static Analysis
  •     Find SQL Error pattern
  •     Analysis Security headers(CSP HSTS X-frame-options, XSS-protection etc.. )
  •     Analysis Other headers..(Server version, Content-Type, etc...)
  •     Scanning from Raw file(Burp suite, ZAP Request)
  •     XSpear running on ruby code(with Gem library)
  •     Show table base cli-report and filtered rule, testing raw query(url)
  •     Testing at selected parameters
  •     Support output format cli json
  •      cli: summary, filtered rule(params), Raw Query
  •     Support Verbose level (quit / nomal / raw data)
  •     Support custom callback code to any test various attack vectors

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top