Automated Vulnerability Scanner for XSS | Written in Python3 | Utilizes Selenium Headless Traxss is an automated framework to scan URLs and webpages for XSS Vulnerabilities. It includes over 575 Payloads to test with and multiple options for robustness of tests. View the gif above to see a preview of the fastest type of scan. Getting Started Prerequisites Traxss depends on Chromedriver. On MacOS this can be installed with the homebrew command: brew install cask chromedriver Alternatively, find a version for other operating systems here: https://sites.google.com/a/chromium.org/chromedriver/downloads Installation Run the command: pip3 install -r requirements.txt Running Traxss Traxx can be started with the command: python3 traxss.py This will launch an interactive CLI to guide you through the process. Types of Scans Full Scan w/ HTML Uses a query scan with 575+ payloads and attempts to find XSS vulnerabilities by passing parameters through the URL. It will also render the HTML and attempt to find manual XSS Vulnerablities (this feature is still in beta). Full Scan w/o HTML This scan will run the query scan only. Fast Scan w/ HTML This scan is the same as the full w/ HTML but it will only use 7 attack vectors rather than the 575+ vectors. Fast Scan w/o HTML This scan is the same as the fast w/o HTML but it will only use 7 attack vectors rather than the 575+ vectors. Download…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2019-10-11 20:30:002019-10-11 20:30:00Traxss - Automated XSS Vulnerability Scanner
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com