KNOXSS Community Edition wot Brute Logic
Tool for XSS (Cross-Site Scripting) discovery.
369 wužiwarjow369 wužiwarjow
Trjebaće Firefox, zo byšće tute rozšěrjenje wužiwał
Metadaty rozšěrjenja
Fota wobrazowki
Wo tutym rozšěrjenju
KNOXSS Community Edition is a FREE standalone version of KNOXSS browser add-on designed to find the main XSS (Cross-Site Scripting) cases shown here.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
Z 4 wot 4 pohódnoćacych pohódnoćeny
Prawa a datyDalše informacije
Trěbne prawa:
- Zdźělenki na was pokazać
- Mějće přistup k rajtarkam wobhladowaka
- Mějće přistup k aktiwiće wobhladowaka za nawigaciju
- Přistup k wašim datam za wšě websydła měć
Dalše informacije
- Přidatkowe wotkazy
- Wersija
- 0.2.0
- Wulkosć
- 18,19 KB
- Posledni raz zaktualizowany
- 6 år sidan (12. aug. 2019)
- Přiwuzne kategorije
- Licenca
- Wšě prawa wuměnjene
- Wersijowa historija
- Zběrce přidać
Tutoho wuwiwarja podpěrać
Wuwiwar tutoho rozšěrjenja was prosy, mały přinošk darić, zo byšće jeho wuwiće podpěrał.
Wersijowe informacije za 0.2.0
Added automatic capture of HTML forms to find XSS with POST method.
Added PoC for XSS with POST method.
Added PoC for XSS with POST method.
Wjace rozšěrjenjow wot Brute Logic
Hišće pohódnoćenja njejsu- Hišće pohódnoćenja njejsu
- Hišće pohódnoćenja njejsu
- Hišće pohódnoćenja njejsu
- Hišće pohódnoćenja njejsu
- Hišće pohódnoćenja njejsu