A simple XSS scanner written in Python
- Usage options
$ python xss_scan.py
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2g
by: Miroslav Stampar (@stamparm)
Usage: xss_scan.py [options]
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-u URL, --url=URL Target URL (e.g. "http://www.target.com/page.php?id=1")
--data=DATA POST data (e.g. "query=test")
--cookie=COOKIE HTTP Cookie header value
--user-agent=UA HTTP User-Agent header value
--referer=REFERER HTTP Referer header value
--proxy=PROXY HTTP proxy address (e.g. "http://127.0.0.1:8080")
- Usage example
$ python xss_scan.py -u "http://testphp.vulnweb.com/search.php?test=query" --data="searchFor=foobar"
Damn Small XSS Scanner (DSXS) < 100 LoC (Lines of Code) #v0.2g
by: Miroslav Stampar (@stamparm)
* scanning GET parameter 'test'
* scanning POST parameter 'searchFor'
(i) POST parameter 'searchFor' appears to be XSS vulnerable (">.xss.<", outside of tags, no filtering)
scan results: possible vulnerabilities found
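What the finding above means for the page owner, as an added example (not DSXS code and not from the original post): a probe made of HTML-significant characters comes back unencoded in text context, and output encoding at the point of insertion removes the finding. The `render_*` handlers, `classify_reflection`, and the sample markup are hypothetical and constructed for illustration.

```python
import html

# Constructed probe built from characters that HTML output must encode.
PROBE = '">.xss.<'

PAGE = "<html><body><h2>searched for: %s</h2></body></html>"


def render_vulnerable(search_for):
    # Hypothetical search page: echoes the parameter into HTML text unchanged.
    return PAGE % search_for


def render_fixed(search_for):
    # Same page with output encoding applied where the value is inserted.
    return PAGE % html.escape(search_for, quote=True)


def classify_reflection(body, probe=PROBE):
    """Return (reflected_raw, context) for a probe in a response body."""
    idx = body.find(probe)
    if idx == -1:
        # Probe absent or encoded: nothing reflected verbatim.
        return (False, None)
    before = body[:idx]
    # Inside a tag when the last '<' before the probe is still unclosed.
    inside_tag = before.rfind("<") > before.rfind(">")
    return (True, "inside of tag" if inside_tag else "outside of tags")


if __name__ == "__main__":
    for name, render in (("vulnerable", render_vulnerable),
                         ("fixed", render_fixed)):
        print(name, classify_reflection(render(PROBE)))
```

Running the same check against the fixed handler is a quick regression test after applying encoding to the `searchFor` output.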
Reference: https://github.com/stamparm/DSXS