KNOXSS Community Edition wót Brute Logic
Tool for XSS (Cross-Site Scripting) discovery.
375 wužywarjow375 wužywarjow
Trjebaśo Firefox, aby toś to rozšyrjenje wužywał
Metadaty rozšyrjenja
Fota wobrazowki
Wó toś tom rozšyrjenju
KNOXSS Community Edition is a FREE standalone version of KNOXSS browser add-on designed to find the main XSS (Cross-Site Scripting) cases shown here.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
Z 4 wót 4 pógódnośujucych pógódnośony
Pšawa a datyDalšne informacije
Trjebne pšawa:
- Powěźeńki na was pokazaś
- Pśistup k rejtarikam wobglědowaka měś
- Pśistup k aktiwiśe wobglědowaka za nawigaciju měś
- Pśistup k wašym datam za wšykne websedła měś
Dalšne informacije
- Dodankowe wótzkaze
- Wersija
- 0.2.0
- Wjelikosć
- 18,19 KB
- Slědny raz zaktualizěrowany
- 6 jierren lyn (12 aug. 2019)
- Pśiswójźbne kategorije
- Licenca
- Wšykne pšawa wuměnjone
- Wersijowa historija
- Zběrce pśidaś
Toś togo wuwijarja pódpěraś
Wuwijaŕ toś togo rozšyrjenja was pšosy, mały pśinošk pósćiś, aby jogo wuwiśe pódpěrał.
Wersijowe informacije za 0.2.0
Added automatic capture of HTML forms to find XSS with POST method.
Added PoC for XSS with POST method.
Added PoC for XSS with POST method.
Wěcej rozšyrjenjow wót Brute Logic
Hyšći pógódnośenja njejsu- Hyšći pógódnośenja njejsu
- Hyšći pógódnośenja njejsu
- Hyšći pógódnośenja njejsu
- Hyšći pógódnośenja njejsu
- Hyšći pógódnośenja njejsu