Skip to content

yehia-mamdouh/XSSYA

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 1 tag
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
AUTHOR.txt
 
 
LICENSE.txt
 
 
README.md
 
 
custom.py
 
 
xssya.py
 
 

README.md

XSSYA-V2.0 has been Released - check https://github.com/yehia-mamdouh/XSSYA-V-2.0

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation (Working in two Methods)

• Method number 1 for Confirmation Request and Response

• Method number 2 for Confirmation Execute encoded payload and search for the same payload in web HTML code but decoded

• Support HTTPS

• After Confirmation (execute payload to get cookies)

• Identify 3 Types of WAF (Mod_Security - WebKnight - F5 BIG IP)

• Can be run in (Windows - Linux)

XSSYA Continue Library of Encoded Payloads To Bypass WAF (Web Application Firewall) It Also Support Saving the Web Html Code Before Executing the Payload Viewing the Web HTML Code into the Screen or Terminal

$ Python xssya.py

Links should end with (/or=or?)

Example

$ Python xssya.py

http://www.domain.com/ http://www.domain.com= http://www.domain.com?

The only Module need to download is colorama-0.2.7 https://pypi.python.org/pypi/colorama

Note: Crawling (need to be enhanced)

About

XSSYA (Cross Site Scripting Scanner & Vulnerability Confirmation)

Resources

Readme

License

View license

Stars

93 stars

Watchers

10 watching

Forks

35 forks

Releases 1

XSSYA V-1.0 Latest
Mar 20, 2015

Packages

No packages published

Contributors 2

  •  
  •  

Languages