rxss

Tool to check reflecting params and paths in a bunch of URLs

0.0.1.post6
PyPI

Maintainers: 1

Rxss

RXSS is a Python tool designed for detecting reflecting params and paths in a bunch of URLs which can lead to reflected Cross-Site Scripting (XSS) vulnerabilities. It utilizes multithreading and customizable payload injection.

Installation

Install RXSS from PyPI using pip:

pip install rxss

Usage

Command-Line Options

usage: rxss [-h] [-i] [-p] [-o] [-t] [-fr] [-maxr] [--timeout] [--ignore-base-url]

optional arguments:
  -h, --help            show this help message and exit
  -i , --urls           Path containing a list of URLs to scan
  -p , --payload        Payload you want to send to check reflection (default: rxss)
  -o , --output         Path of file to write output to (default: None)
  -t , --threads        Number of threads to use (default: 50)
  -fr, --follow-redirects
                        Follow HTTP redirects (default: False)
  -maxr , --max-redirects
                        Max number of redirects to follow per host (default: 5)
  --timeout             Timeout in seconds (default: 10)
  --ignore-base-url     Disable appending payloads to paths in base URLs (default: False)

Examples

Scan URLs from a file hosts.txt with default settings:

rxss -i hosts.txt

Scan URLs with a custom payload and output results to output.txt:

rxss -i hosts.txt -p "<script>alert('XSS')</script>" -o output.txt

Acknowledgments

Built with Python
Utilizes Requests for HTTP requests
qsreplace for query string manipulation

Keywords

FAQs

What is rxss?

Is rxss well maintained?

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install