Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

github.com/pwn0sec/pwnxss

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/pwn0sec/pwnxss

  • v0.0.0-20210623174353-4f75e6a99d24
  • Source
  • Go
  • Socket score
Version published
Created
Source


A powerful XSS scanner made in python 3.7

Installing

Requirements:

  • BeautifulSoup4 
    • pip install bs4
  • requests 
    • pip install requests
  • python 3.7

    • Commands: 
    git clone https://github.com/pwn0sec/PwnXSS
chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py --help

    Usage

    Basic usage:

    python3 pwnxss.py -u http://testphp.vulnweb.com

    Advanced usage: 
    python3 pwnxss.py --help

    Main features

    • crawling all links on a website ( crawler engine )
    • POST and GET forms are supported
    • many settings that can be customized
    • Advanced error handling
    • Multiprocessing support.✔️
    • ETC....

    Screenshot

    Roadmap

    v0.3B:

  • Added custom options ( --proxy, --user-agent etc... )

    • v0.3B Patch:

  • Added support for ( form method GET )

    • v0.4B:

  • Improved Error handling
  • Now Multiple parameters for GET method is Supported

    • v0.5 Release (Final):

    • Bug fixed
    • Now cookies is supported. (--cookie {})

    Note

    • Sorry for my bad english
    • if you run pwnxss on the win10 terminal you will get an untidy output
    • now it doesn't support DOM

    FAQs

    Package last updated on 23 Jun 2021

    Did you know?

    Socket

    Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

    Install

    Related posts

    Massive npm Malware Campaign Leverages Ethereum Smart Contracts To Evade Detection and Maintain Control

    Security News

    Research

    Massive npm Malware Campaign Leverages Ethereum Smart Contracts To Evade Detection and Maintain Control

    An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.

    By Kush Pandya, Philipp Burckhardt, Kirill Boychenko, Orlando Barrera  -  Oct 31, 2024
    SocketSocket SOC 2 Logo

    Product

    • Package Alerts
    • Integrations
    • Docs
    • Pricing
    • FAQ
    • Roadmap
    • Changelog

    About

    Packages

    npm

    Go

    Maven

    PyPI

    Rubygems

    Stay in touch

    Get open source security insights delivered straight into your inbox.

    • Terms
    • Privacy
    • Security

    Made with ⚡️ by Socket Inc