itsMe Posted August 4, 2019 Share Posted August 4, 2019 This is the hidden content, please Sign In or Sign Up XSpear - Powerfull XSS Scanning And Parameter Analysis Tool Key features Pattern matching based XSS scanning Detect alert confirm prompt event on headless browser (with Selenium) Testing request/response for XSS protection bypass and reflected params Reflected Params Filtered test event handler HTML tag Special Char Testing Blind XSS (with XSS Hunter , ezXSS, HBXSS, Etc all url base blind test...) Dynamic/Static Analysis Find SQL Error pattern Analysis Security headers(CSP HSTS X-frame-options, XSS-protection etc.. ) Analysis Other headers..(Server version, Content-Type, etc...) Scanning from Raw file(Burp suite, ZAP Request) XSpear running on ruby code(with Gem library) Show table base cli-report and filtered rule, testing raw query(url) Testing at selected parameters Support output format cli json cli: summary, filtered rule(params), Raw Query Support Verbose level (quit / nomal / raw data) Support custom callback code to any test various attack vectors This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts