Top Related Projects
- XSStrike: Most advanced XSS scanner.
- PayloadsAllTheThings: A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
- w3af: web application attack and audit framework, the open source web vulnerability scanner.
- sqlmap: Automatic SQL injection and database takeover tool
- CheatSheetSeries: The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Quick Overview
XSSCrapy is a fast web application spider designed to detect cross-site scripting (XSS) vulnerabilities. It crawls web applications and automatically tests for XSS vulnerabilities, making it a valuable tool for security researchers and penetration testers.
Pros
- Fast and efficient crawling of web applications
- Automatic detection of XSS vulnerabilities
- Customizable settings for targeted scanning
- Generates detailed reports of findings
Cons
- May produce false positives in some cases
- Requires careful configuration to avoid overwhelming target servers
- Limited to XSS detection, not a comprehensive web application security scanner
- May not detect more complex or obfuscated XSS vulnerabilities
Code Examples
```python
# Initialize the XSSCrapy spider
spider = XSSCrapy(url="https://example.com", cookies="session_id=1234")

# Configure custom headers for the scan
spider.set_headers({
    "User-Agent": "Custom User Agent",
    "Referer": "https://example.com"
})

# Start the crawl and XSS detection process
results = spider.crawl()

# Generate and save a report of the findings
spider.generate_report(results, "xss_report.html")
```
Getting Started
To get started with XSSCrapy, follow these steps:
- Clone the repository:
```bash
git clone https://github.com/DanMcInerney/xsscrapy.git
```
- Install the required dependencies:
```bash
pip install -r requirements.txt
```
- Run XSSCrapy:
```bash
python xsscrapy.py -u https://example.com
```
For more advanced usage and configuration options, refer to the project's documentation on GitHub.
Competitor Comparisons
XSStrike: Most advanced XSS scanner.
Pros of XSStrike
- More advanced detection techniques, including fuzzing and DOM XSS scanning
- Actively maintained with regular updates and bug fixes
- Supports multiple output formats for easier integration with other tools
Cons of XSStrike
- May produce more false positives due to aggressive scanning techniques
- Requires more system resources, potentially slower on large targets
- Steeper learning curve for beginners due to advanced features
Code Comparison
XSStrike uses a more modular approach:
```python
def scan(url, params, headers, GET, delay, timeout):
    # Scanning logic
    pass

def fuzzer(url, params, headers, GET, delay, timeout):
    # Fuzzing logic
    pass
```
xsscrapy uses a more integrated approach:
```python
from scrapy.spiders import CrawlSpider

class XSSspider(CrawlSpider):
    def __init__(self, *args, **kwargs):
        # Spider initialization
        pass

    def parse_resp(self, response):
        # Parsing and XSS detection logic
        pass
```
XSStrike offers more granular control over scanning processes, while xsscrapy integrates crawling and scanning in a single spider class. XSStrike's modular design allows for easier customization and extension of functionality, but xsscrapy's integrated approach may be simpler for basic use cases.
PayloadsAllTheThings: A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Pros of PayloadsAllTheThings
- Comprehensive collection of payloads for various attack vectors, not limited to XSS
- Regularly updated with new techniques and payloads
- Well-organized structure, making it easy to find specific payloads
Cons of PayloadsAllTheThings
- Lacks automated scanning functionality
- Requires manual implementation of payloads
- May overwhelm users with the sheer volume of information
Code Comparison
xsscrapy:
```python
import re

def make_url_fp(self, url):
    # Fingerprint a URL by dropping the query string and lowercasing it
    return re.sub(r'\?.*', '', url).lower()

def make_body_fp(self, body):
    # Fingerprint a body by stripping whitespace and tag/attribute characters
    return re.sub(r'\s|=|>|<', '', body).lower()
```
PayloadsAllTheThings:
```markdown
# XSS Injection
## Client Side Template Injection
{{constructor.constructor('alert(1)')()}}
```
Note: The code comparison is not directly equivalent, as xsscrapy is a Python-based scanning tool, while PayloadsAllTheThings is a collection of payload examples in various formats.
PayloadsAllTheThings offers a wide range of attack vectors and payloads, making it a valuable resource for security researchers and penetration testers. However, it requires manual implementation and lacks the automated scanning capabilities of xsscrapy. xsscrapy, on the other hand, focuses specifically on XSS vulnerabilities and provides automated scanning, but has a narrower scope compared to PayloadsAllTheThings.
w3af: web application attack and audit framework, the open source web vulnerability scanner.
Pros of w3af
- More comprehensive web application security scanner, covering a wider range of vulnerabilities
- Actively maintained with regular updates and a larger community
- Offers both command-line and GUI interfaces for flexibility
Cons of w3af
- Steeper learning curve due to its extensive features and configuration options
- Can be slower in scanning compared to xsscrapy's focused approach
- May produce more false positives due to its broader scope
Code Comparison
xsscrapy focuses specifically on XSS vulnerabilities:
```python
def testReflection(self, page, paramName, paramValue, headers):
    # XSS-specific reflection test: is the injected value echoed back?
    reflection = self.reflectionFinder(page, paramValue)
    if reflection:
        return True
    return False
```
w3af has a more generic approach to vulnerability detection:
```python
def audit(self, freq, orig_response):
    # Generic vulnerability audit: mutate the request and check each variant
    for mutant in self.create_mutants(freq):
        self._check_mutant(mutant)
```
w3af offers a broader range of security checks, while xsscrapy is more focused on XSS detection. w3af is better suited for comprehensive web application security assessments, while xsscrapy excels in quick and efficient XSS vulnerability scanning. The choice between the two depends on the specific security testing requirements and the user's expertise level.
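The reflection test that the xsscrapy snippet above only sketches, worked through as an added example (my code, not xsscrapy's or w3af's): send a marker-wrapped probe, locate every reflection of it, record which dangerous characters came back unencoded and guess the HTML context they landed in. The marker value and the two sample pages are constructed for the example.

```python
import html
import re
import secrets

# Characters whose unencoded reflection matters for XSS. Constructed set
# for this example; not xsscrapy's own probe.
DANGEROUS = ['<', '>', '"', "'"]

def make_marker():
    """Random tag so a reflection cannot be confused with existing page text."""
    return secrets.token_hex(4)

def build_probe(marker):
    """Wrap the dangerous characters in the marker so each can be checked."""
    return marker + ''.join(DANGEROUS) + marker

def classify_context(body, pos):
    """Rough guess of where in the HTML a reflection at offset pos landed."""
    before = body[:pos].lower()
    if before.count('<script') > before.count('</script'):
        return 'script'
    if before.rfind('<') > before.rfind('>'):
        return 'attribute'  # still inside a tag, so in an attribute value
    return 'html'

def find_reflections(body, marker):
    """Return (surviving_chars, context) for every reflection of the probe."""
    findings = []
    pattern = re.escape(marker) + '(.*?)' + re.escape(marker)
    for m in re.finditer(pattern, body, re.S):
        survived = [c for c in DANGEROUS if c in m.group(1)]
        findings.append((survived, classify_context(body, m.start())))
    return findings

# Constructed sample responses: the first HTML-encodes the probe, the
# second reflects it unchanged inside an attribute value.
MARKER = 'ab12cd34'
PROBE = build_probe(MARKER)
SAFE_PAGE = '<p>Search results for ' + html.escape(PROBE) + '</p>'
VULN_PAGE = '<input type="text" value="' + PROBE + '">'

if __name__ == '__main__':
    for name, page in (('safe', SAFE_PAGE), ('vuln', VULN_PAGE)):
        print(name, find_reflections(page, MARKER))
```

An empty `survived` list means the page encoded the probe; a non-empty one names the characters a defender's output encoding let through, and the context tells which encoding rule was missing.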
sqlmap: Automatic SQL injection and database takeover tool
Pros of sqlmap
- More comprehensive SQL injection testing capabilities
- Actively maintained with frequent updates
- Larger community and extensive documentation
Cons of sqlmap
- Focused solely on SQL injection, lacking XSS detection
- More complex to use for beginners
- Potentially slower for large-scale scanning
Code Comparison
sqlmap:
```python
def getPage(**kwargs):
    web = kwargs.get("web", None)
    url = kwargs.get("url", None)
    data = kwargs.get("data", None)
    method = kwargs.get("method", None)
    cookie = kwargs.get("cookie", None)
```
xsscrapy:
```python
def parse(self, response):
    resp_url = response.url
    body = response.body_as_unicode()
    cookies = self.get_cookies()
    self.parse_resp(resp_url, body, cookies)
```
sqlmap offers more granular control over HTTP requests, while xsscrapy focuses on parsing responses for XSS vulnerabilities. sqlmap's code structure allows for more detailed customization of requests, which is crucial for SQL injection testing. xsscrapy's parsing approach is simpler and more focused on XSS detection.
Both tools serve different purposes in web application security testing. sqlmap excels in SQL injection detection and exploitation, while xsscrapy specializes in identifying XSS vulnerabilities. The choice between them depends on the specific security testing requirements and the target application's characteristics.
CheatSheetSeries: The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Pros of CheatSheetSeries
- Comprehensive security resource covering multiple topics
- Regularly updated with community contributions
- Provides practical, actionable advice for developers
Cons of CheatSheetSeries
- Not a tool, but a collection of guidelines
- Requires manual implementation of security practices
- May be overwhelming for beginners due to extensive content
Code Comparison
While a direct code comparison isn't applicable due to the nature of these projects, here's a brief overview:
xsscrapy (Python):
```python
def parse(self, response):
    # XSS scanning logic
    self.xss_scanner.scan(response)
```
CheatSheetSeries (Markdown):
```markdown
## XSS Prevention
1. Use proper output encoding
2. Implement Content Security Policy (CSP)
3. Validate and sanitize user input
```
xsscrapy is a tool for automated XSS detection, while CheatSheetSeries provides guidelines for preventing XSS and other security issues.
Summary
xsscrapy is a specialized tool for XSS detection, offering automated scanning capabilities. CheatSheetSeries, on the other hand, is a comprehensive security resource covering various topics, including XSS prevention. While xsscrapy provides immediate results, CheatSheetSeries offers long-term value through education and best practices. The choice between them depends on whether you need an automated scanning tool or a reference guide for implementing security measures.
README
xsscrapy
Fast, thorough, XSS/SQLi spider. Give it a URL and it'll test every link it finds for cross-site scripting and some SQL injection vulnerabilities. See FAQ for more details about SQLi detection.
From within the main folder run:
```bash
./xsscrapy.py -u http://example.com
```
If you wish to login then crawl:
```bash
./xsscrapy.py -u http://example.com/login_page -l loginname
```
If you wish to login with HTTP Basic Auth then crawl:
```bash
./xsscrapy.py -u http://example.com/login_page -l loginname --basic
```
If you wish to use cookies:
```bash
./xsscrapy.py -u http://example.com/login_page --cookie "SessionID=abcdef1234567890"
```
If you wish to limit simultaneous connections to 20:
```bash
./xsscrapy.py -u http://example.com -c 20
```
If you want to rate limit to 60 requests per minute:
```bash
./xsscrapy.py -u http://example.com/ -r 60
```
XSS vulnerabilities are reported in xsscrapy-vulns.txt.
Dependencies
```bash
wget -O get-pip.py https://bootstrap.pypa.io/get-pip.py
python get-pip.py
pip install -r requirements.txt
```
Additional system libraries may be needed depending on the OS: libxml2, libxslt, zlib, libffi and openssl (sometimes libssl-dev).
Tests
- Cookies
- User-Agent
- Referer
- URL variables
- End of URL
- URL path
- Forms both hidden and explicit
FAQ
- If it gives the error `ImportError: cannot import name LinkExtractor`, you don't have the latest version of scrapy. You can install it using:
```bash
sudo pip install --upgrade scrapy
```
- It's called XSScrapy, so why SQL injection detection too? There is overlap between dangerous XSS characters and dangerous SQL injection characters, namely single and double quotes. Detecting SQL injection errors in a response is also simple and not CPU-intensive. So although 99% of this script is strongly geared toward high and accurate detection of XSS, adding simple SQL injection detection through error message discovery is a simple and effective addition. This script will not test for blind SQL injection. The error messages it looks for come straight from w3af's sqli audit plugin.
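How error-message discovery of the kind the FAQ describes sits alongside the quote-bearing XSS probe, as an added example (my code, not xsscrapy's; the signature table is a short constructed one rather than w3af's list, and the parameter name and sample responses are constructed). It also compares against an un-probed baseline so a page that always prints a database warning is not flagged.

```python
import re

# Constructed error-signature table for this example; it is not the list
# that xsscrapy or w3af ship, which is far longer.
DB_ERRORS = {
    'MySQL': [r'You have an error in your SQL syntax',
              r'Warning: mysql_fetch_array\(\)'],
    'PostgreSQL': [r'ERROR:\s+syntax error at or near',
                   r'pg_query\(\): Query failed'],
    'MSSQL': [r'Unclosed quotation mark after the character string'],
    'Oracle': [r'ORA-\d{5}'],
}

def find_db_errors(body):
    """Return (db, matched_text) for every signature found in a response."""
    hits = []
    for db, patterns in DB_ERRORS.items():
        for pat in patterns:
            m = re.search(pat, body, re.I)
            if m:
                hits.append((db, m.group(0)))
    return hits

def check_sqli(param, probe, baseline_body, probe_body):
    """Flag param only for errors the un-probed baseline page did not show."""
    baseline = set(find_db_errors(baseline_body))
    new = [h for h in find_db_errors(probe_body) if h not in baseline]
    return {'param': param, 'probe': probe, 'errors': new, 'suspect': bool(new)}

# Constructed responses: a clean baseline and the page returned after a
# quote-bearing probe, which leaks a verbatim MySQL error.
BASELINE = '<html><body><h1>Results</h1><p>3 items found</p></body></html>'
ERROR_PAGE = ('<html><body>Warning: mysql_fetch_array() expects parameter 1 '
              'to be resource, boolean given. You have an error in your SQL '
              "syntax; check the manual for the right syntax near ''' at line 1"
              '</body></html>')

if __name__ == '__main__':
    print(check_sqli('q', 'xss"\'', BASELINE, ERROR_PAGE))
```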
License
Copyright (c) 2014, Dan McInerney. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
- Neither the name of Dan McInerney nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL