Odo Head Spa offered by Odo Beauty Care Limited

Odo Beauty Care Limited Welcome to our first Odo Head Spa Salon located at 9F Pennington Com Bldg., 17 Pennington Street, Causeway Bay (Near to Regal Hotel, Hong Kong and above 7-11) 香港铜锣湾边寧顿亍 17号 边寧顿商业大厅厦电梯 9字 鄰近香港富豪酒店,7-11 樓上 TEL: 9010-1586 English and Japanese only (英/日语) Email: info@odo.com.hk BY APPOINTMENT ONLY 完全予約制 敬请电約

網頁

Powered By Blogger

2019年11月20日星期三

TraXSS - Automated XSS Vulnerability Scanner


  • Automated Vulnerability Scanner for XSS 
  • Written in Python3 


Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests.

Getting Started

Prerequisites
Traxss depends on Chromedriver. On MacOS this can be installed with the homebrew command:

brew install cask chromedriver

Alternatively, find a version for other operating systems here: https://sites.google.com/a/chromium.org/chromedriver/downloads

Installation

Run the command:

pip3 install -r requirements.txt

Running Traxss
Traxx can be started with the command:

python3 traxss.py

This will launch an interactive CLI to guide you through the process.

Types of Scans

Full Scan with HTML

Uses a query scan with 575+ payloads and attempts to find XSS vulnerabilities by passing parameters through the URL. It will also render the HTML and attempt to find manual XSS Vulnerablities (this feature is still in beta).

Full Scan w/o HTML

This scan will run the query scan only.

Fast Scan w/o HTML

This scan is the same as the full w/ HTML but it will only use 7 attack vectors rather than the 575+ vectors.

Fast Scan w/o HTML

This scan is the same as the fast w/o HTML but it will only use 7 attack vectors rather than the 575+ vectors.

Contributing

Thank you for your interest! All types of contributions are welcome.
  • Fork and clone this repository
  • Create your branch from the master branch
  • Please open your PR with the master branch as the base

Download TraXSS
social engineering hacking

沒有留言:

發佈留言