EN
ENNA

XSStrike

GPL-3.0

Vulnerability Scanning · Python

XSStrike is an advanced cross-site scripting (XSS) detection suite that includes a powerful fuzzing engine, context analysis, and WAF detection/bypass capabilities. It automates the process of identifying XSS vulnerabilities by analyzing various contexts and injection points. Written in Python, XSStrike is a go-to tool for security testers looking to identify and exploit XSS vulnerabilities in web applications.

14.9kstars
2.1kforks
88issues
Updated 11mo ago
View on GitHub

Installation

$ pip install xsstrike

Tags

xsswaf-bypassfuzzingcontext-analysiswaf-detectionxss-bruteforcexss-detectionxss-exploitxss-pythonxss-scannerxsstrike

Details

Category
Vulnerability Scanning
Language
Python
Repository
s0md3v/XSStrike
License
GPL-3.0
Platforms
🐧linux🍎macos🪟windows

Links

GitHub Repository

github.com/s0md3v/XSStrike

Releases

github.com/s0md3v/XSStrike/releases

Issues

github.com/s0md3v/XSStrike/issues

Sponsored

Your ad here

Reach security professionals and developers — ads@en-na.com

More in Vulnerability Scanning

Nuclei

Go

Fast vulnerability scanner driven by YAML templates. Thousands of community-contributed detection templates.

template-basedcvemisconfig

sqlmap

Python

Automatic SQL injection and database takeover tool. Detects and exploits SQL injection flaws.

sql-injectiondatabaseautomated

WPScan

Ruby

WordPress security scanner. Enumerates plugins, themes, users, and checks for known vulnerabilities.

wordpressplugin-enumcve

OpenVAS

C

Full-featured vulnerability scanner. 50,000+ NVTs, credentialed scanning, compliance checks.

enterprisenvtcompliance

Commix

Python

Automated OS command injection exploitation tool. Tests web apps for command injection vulnerabilities.

command-injectionautomatedweb-app

testssl.sh

Shell

Command-line tool for checking TLS/SSL ciphers, protocols, and cryptographic flaws on any port.

tlssslcipher-check