Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
des_outils_pour_scanner_des_xss [2019/09/15 12:08] M0N5T3R |
des_outils_pour_scanner_des_xss [2020/06/01 14:06] (Version actuelle) m0n5t3r |
||
---|---|---|---|
Ligne 1: | Ligne 1: | ||
+ | FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci | ||
+ | |||
+ | ====== Des outils pour scanner des XSS ====== | ||
+ | |||
+ | **XSS online scanner** | ||
+ | |||
+ | |||
+ | 🛠 Find xss online https://pentest-tools.com/website-vulnerability-scanning/xss-scanner-online# | ||
+ | |||
+ | 🛠 Find xss online http://xss-scanner.com/ | ||
+ | |||
+ | **XSS webmail** | ||
+ | |||
+ | 🛠 Webmail XSS Tester - Excess2 https://www.gremwell.com/excess2_webmail_xss_tester | ||
+ | |||
+ | |||
+ | 🛠 xss-webmail-fuzzer.py | ||
+ | https://pastebin.com/xZQ3WfNS | ||
+ | |||
+ | |||
+ | **XSS ** | ||
+ | |||
+ | 🛠 XSS-Radar https://github.com/bugbountyforum/XSS-Radar | ||
+ | |||
+ | 🛠 XSSHunter https://github.com/mandatoryprogrammer/xsshunter | ||
+ | |||
+ | 🛠 xsshunter_client https://github.com/mandatoryprogrammer/xsshunter_client | ||
+ | |||
+ | 🛠 Domxssscanner https://github.com/yaph/domxssscanner | ||
+ | |||
+ | 🛠 BruteXSS https://github.com/rajeshmajumdar/BruteXSS | ||
+ | |||
+ | 🛠 XSS'OR http://xssor.io/ | ||
+ | |||
+ | 🛠 Powerfull XSS Scanning and Parameter analysis tool&gem https://github.com/hahwul/XSpear | ||
+ | |||
+ | 🛠 PwnXSS: Vulnerability (XSS) scanner exploit https://github.com/pwn0sec/PwnXSS | ||
+ | |||
+ | 🛠 XSS Payloads The wonderland of JavaScript unexpected usages, and more. | ||
+ | Much much more ... http://www.xss-payloads.com | ||
+ | |||
+ | 🛠 XSS Hunter Burp Plugin https://github.com/mystech7/Burp-Hunter | ||
+ | |||
+ | |||
+ | 🛠 Automated blind-xss search for Burp Suite. Contribute to wish-i-was/femida development by creating an account on GitHub. https://github.com/wish-i-was/femida | ||
+ | |||
+ | 🛠 DOM XSS scanner for Single Page Applications https://github.com/fcavallarin/domdig | ||
+ | |||
+ | 🛠 Burp extension helps in finding blind xss vulnerabilities - BitTheByte/BitBlinder https://github.com/BitTheByte/BitBlinder | ||
+ | |||
+ | 🛠 XSS explot kit/Blind XSS framework/BurpSuite extension - psych0tr1a/elScripto https://github.com/psych0tr1a/elScripto | ||
+ | |||
+ | |||
+ | 🛠 This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities. https://github.com/nVisium/xssValidator | ||
+ | |||
+ | |||
+ | 🛠 Burp plugin able to find reflected XSS on page in real-time while browsing on site https://github.com/elkokc/reflector | ||
🛠 Cross Site Scripting Recursive Scanner https://github.com/hdbreaker/XSS_SCANER | 🛠 Cross Site Scripting Recursive Scanner https://github.com/hdbreaker/XSS_SCANER | ||
+ | 🛠 xsshunter https://github.com/mandatoryprogrammer/xsshunter | ||
🛠 An automatic XSS discovery tool https://github.com/gbrindisi/xsssniper | 🛠 An automatic XSS discovery tool https://github.com/gbrindisi/xsssniper | ||
Ligne 58: | Ligne 116: | ||
🛠 XSSYA-V-2.0 (XSS Vulnerability Confirmation ) https://github.com/yehia-mamdouh/XSSYA-V-2.0 | 🛠 XSSYA-V-2.0 (XSS Vulnerability Confirmation ) https://github.com/yehia-mamdouh/XSSYA-V-2.0 | ||
+ | |||
+ | 🛠 XSS Chef: A #web #application for generating custom #XSS #payloads. https://github.com/rastating/xss-chef | ||
+ | 🛠 Vaya-ciego-nen is a tool that allows you to create your own webapp to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities. https://github.com/hipotermia/vaya-ciego-nen | ||