Search

TraXSS - Automated XSS Vulnerability Scanner


Automated Vulnerability Scanner for XSS

Written in Python3


Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests.

Getting Started

Prerequisites

Traxss depends on Chromedriver. On MacOS this can be installed with the homebrew command:


brew install cask chromedriver


Alternatively, find a version for other operating systems here: https://sites.google.com/a/chromium.org/chromedriver/downloads


Installation

Run the command:


pip3 install -r requirements.txt


Running Traxss

Traxx can be started with the command:


python3 traxss.py


This will launch an interactive CLI to guide you through the process.


Types of Scans

Full Scan with HTML


Uses a query scan with 575+ payloads and attempts to find XSS vulnerabilities by passing parameters through the URL. It will also render the HTML and attempt to find manual XSS Vulnerablities (this feature is still in beta).


Full Scan w/o HTML

This scan will run the query scan only.


Fast Scan w/o HTML

This scan is the same as the full w/ HTML but it will only use 7 attack vectors rather than the 575+ vectors.


Fast Scan w/o HTML

This scan is the same as the fast w/o HTML but it will only use 7 attack vectors rather than the 575+ vectors.


An Ethical hacker should know the penalties of unauthorized hacking into a system. Read more at: Legality and Ethics


#xss #vulnerability #xssvulnerability #hack #hacking #hacker #security #cybersecurity #kalilinux #leaks #informationsystems #informationsecurity #reconng #recoinassance #tool #pentester #pentesting #digitalforensics #scan #vulnerabilites #nightlife #fun #forensics #website #modules #keys #api #interface #program #cyberforensics


*********************************************************************************************************************


For more tricks and update over hacking stay tuned to our site: Note 4 Tech