s0md3v/XSStrike
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
449 Commits 1 Branch 0 Tags
eb52451f3327fe7e36252bcc85f2357024f145db
Commit Graph

168 Commits

Author SHA1 Message Date
Somdev Sangwan
b5ef9979c6 Add files via upload 2019-11-01 00:23:25 +05:30
Somdev Sangwan
58066bbad3 Add files via upload 2019-10-31 18:36:50 +05:30
RyunosukeA
339342eee5 fix comment regex 2019-10-17 19:26:18 +08:00
Somdev Sangwan
470f138db5 fixed quoteless attribute context (Fixes #251) 2019-07-10 17:47:34 +05:30
Somdev Sangwan
d69402bf83 only crawl webpages (Fixes #253) 2019-07-10 17:43:03 +05:30
Somdev Sangwan
160bbf8372 dropping browser validation temporarily 2019-06-08 16:18:31 +05:30
Devin Stokes
7fea5ff9fd Modified the alert detection method to avoid false positives. 2019-05-22 14:07:56 -07:00
Devin Stokes
1907d701dc Fixed bug in browserEngine that wouldn't initialize browser on navigation in some conditions. 2019-05-01 10:09:41 -07:00
Somdev Sangwan
0e8a75bcc4 Added browser validation for 0 false positives 2019-05-01 22:07:33 +05:30
Devin Stokes
8e00a32511 Move browser initialization out of browserEngine and put it in to scan.py 2019-05-01 09:11:52 -07:00
Devin Stokes
2c3b1e1676 Removed logging from browserEngine 2019-05-01 07:27:08 -07:00
Devin Stokes
16e0dd25b5 Updated naming in browserEngine.py 
Refactored methods in browserEngine to be more readable

Fixed logging methods used when adding the browserEngine (ie. info/debug/good/etc)
 2019-04-30 19:19:00 -07:00
Devin Stokes
c03c085eeb Removed browser quit arguments and made a method out of it to be called externally 2019-04-30 18:09:30 -07:00
Devin Stokes
dada14f3e8 make the browser static so we don't have to initialize it each execution. 2019-04-30 17:52:44 -07:00
Devin Stokes
186cb9077d Added browser validation 2019-04-30 14:44:19 -07:00
Somdev Sangwan
5a6d77370b fixed a crawler bug 2019-04-30 22:09:40 +05:30
Somdev Sangwan
d28d553179 my cat ran across my keyboard 2019-04-30 22:07:29 +05:30
Somdev Sangwan
3e3b719157 fixed a crawler bug 2019-04-30 22:00:52 +05:30
Somdev Sangwan
4e61317095 handle flag like parameters 2019-04-20 13:19:45 +05:30
Somdev Sangwan
7de71b6fe8 coverage of 6 edge cases 2019-04-19 14:34:01 +05:30
Somdev Sangwan
01cdf08a2c dom scanning hotfix 2019-04-19 10:17:35 +05:30
Somdev Sangwan
db6dd5ad20 why are we still here? 2019-04-19 09:07:22 +05:30
Somdev Sangwan
5edf0a1dae what is the purpose of life? 2019-04-19 09:03:08 +05:30
Somdev Sangwan
5acc016b0a +1 utility 2019-04-19 09:00:22 +05:30
Somdev Sangwan
fd5893d92a fix script context handling 2019-04-19 08:59:12 +05:30
Somdev Sangwan
2979b597de fix script context handling 2019-04-19 08:58:44 +05:30
Somdev Sangwan
fbb9261622 improve script context handling 2019-04-19 08:58:16 +05:30
Somdev Sangwan
4b06601112 Adapt to API changes 2019-04-19 07:56:56 +05:30
Somdev Sangwan
3b3b23a86c adapt to API changes, support for more contexts 2019-04-19 07:56:17 +05:30
Somdev Sangwan
a845b6284a re-written to perfection 2019-04-19 07:53:57 +05:30
Somdev Sangwan
023c12fc3c +1 utility & minor changes 2019-04-19 07:53:00 +05:30
Somdev Sangwan
291f99a530 i hope no one sees it 2019-04-12 13:23:21 +05:30
Somdev Sangwan
666a8c0d73 Update htmlParser.py 2019-04-10 18:05:56 +05:30
Somdev Sangwan
52634c1ab2 + utility to correlate contexts with reflections 2019-04-10 18:04:43 +05:30
Somdev Sangwan
1972a9712b Fixes #226 2019-04-10 17:09:21 +05:30
Somdev Sangwan
9c6d6e8548 Potential fix for #226 2019-04-10 11:09:03 +05:30
Somdev Sangwan
538ecea109 Add files via upload 2019-04-08 13:48:44 +05:30
Somdev Sangwan
10e15a3459 updated changes for 3.1.3 2019-04-06 21:57:46 +05:30
Somdev Sangwan
9fd0cdec33 Delete browserEngine.py 2019-04-06 21:42:06 +05:30
Somdev Sangwan
d7f2a1bbf1 Add files via upload 2019-04-06 20:45:10 +05:30
Shobhit Bhosure
70d70ea2c9 Enable Colors for Windows 10 Build >= 10586 
Windows 10 added support for ANSI colors since Build 10586.
From Build 14393 ANSI needs to enabled by executable, hence os.system('') is used

Source : 
https://stackoverflow.com/a/39675059
https://github.com/symfony/symfony/issues/17499
 2019-02-03 17:26:43 +05:30
Somdev Sangwan
7ead844eec Update requester.py 2019-01-22 05:05:42 +05:30
Somdev Sangwan
98c6b347b4 Logging functionality (#193) 
* Add files via upload

* Add files via upload

* Logging functionality (Resolves #146)

* Created customized logger and setup file

* Start replacing prints

* Custom StreamHandler to allow '\r' as line terminator and updated more prints

* Remove setup.py

* Logger functionality to write red lines and records without format

* Possibility to set logging level when logging without format and usage of debug level instead of verboseOutput

* Replace utils logger function calls

* Fixes

* Import missing info color

* Move xsstrike.py imports to properly initialize loggers and add logger method to debug data using json

* Minor fix
 2019-01-21 04:57:55 +05:30
Somdev Sangwan
7907db26be Fixes #189 2019-01-21 01:40:29 +05:30
Somdev Sangwan
3723a95db4 Fixed variables parsing, better highlighting 2019-01-12 09:39:46 +05:30
Somdev Sangwan
7ac73b94b9 Better variable name parsing (Resolves #182) 2019-01-03 18:23:10 +05:30
Somdev Sangwan
d0c4ea0f4c updated changes for v3.1.2 2018-12-31 04:37:48 +05:30
Somdev Sangwan
032ff47650 treat all user controlled variables as sources 2018-12-31 04:34:59 +05:30
JohnPeng47
21b926bd21 fixed issue where foundParams are not being checked for in reflected response; added vscode folder to gitignore 2018-12-21 11:13:22 -05:00
Somdev Sangwan
1e171e48af Resolves #28 
Some improvements and error handling to the `--headers` argument
 2018-12-20 12:39:36 +05:30