RXSSplorer collects reflected parameters potentially suitable for injection from various crawler tools and then tries to catch alert() from your proposed payload using qsreplace, airixss and kxss.
To use the Reflected XSS Scanner, run the main.py script:
python3 main.py -h
usage: main.py [-h] [-u URL] [-uf URLS_FILE] [-p PAYLOAD] [-pf PAYLOADS_FILE] [-o {txt,html}] [-H HEADERS]
options:
-h, --help show this help message and exit
-u URL, --url URL URL to scan
-uf URLS_FILE, --urls-file URLS_FILE
File containing URLs to scan
-p PAYLOAD, --payload PAYLOAD
Payload to use
-pf PAYLOADS_FILE, --payloads-file PAYLOADS_FILE
File containing payloads to use
-o {txt,html}, --output {txt,html}
Output format (txt/html)
-H HEADERS, --headers HEADERS
HTTP headers to pass to airixss (e.g., 'header1: value1,header2: value2')
To scan a single URL, use the following command:
python3 main.py -u http://testphp.vulnweb.com/ -p '<your payload>'
To scan a list of URLs with a list of payloads, pass both as files:
python3 main.py -uf urls.txt -pf payloads.txt
So far, txt and html output formats are available. Txt is generated by default; to get the results in html format:
python3 main.py -uf urls.txt -pf payloads.txt -o html
You will receive the following message after the scan is completed:
The work is over. You can get acquainted with all vulnerable endpoints here: results.{txt or html depending on your choice}
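To make the "reflected parameter" idea from the description concrete, here is an added example (not RXSSplorer's code, nor the code of qsreplace, airixss or kxss) that substitutes a harmless marker into each query parameter in turn and reports which HTML-special characters come back unencoded. The marker, the function names, the `app.example` URL and the `fake_app` stand-in server are all constructed for illustration so the block runs offline.

```python
from html import escape
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

SPECIALS = '"\'<>'   # characters that output encoding should neutralise
TOKEN = "zq7x"       # constructed, harmless delimiter (assumption, not a tool default)
MARKER = TOKEN + "".join(c + TOKEN for c in SPECIALS)


def replace_each_param(url, value=MARKER):
    """Yield (param, url) with one query value at a time replaced by `value`."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    for i, (name, _) in enumerate(pairs):
        mutated = pairs[:i] + [(name, value)] + pairs[i + 1:]
        yield name, urlunsplit(parts._replace(query=urlencode(mutated)))


def unencoded_specials(body):
    """Return the special characters that appear raw between two tokens."""
    return [c for c in SPECIALS if TOKEN + c + TOKEN in body]


def fake_app(url):
    """Constructed stand-in for a web server, so the example needs no network."""
    q = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    return (
        "<h1>" + escape(q.get("q", "")) + "</h1>"                 # fully encoded
        + "<input value='" + escape(q.get("name", ""), quote=False) + "'>"  # quotes left raw
        + "<p>" + q.get("lang", "") + "</p>"                      # reflected raw
    )                                                             # "id" is never reflected


def audit(url, fetch=fake_app):
    """Map each query parameter to the special characters it reflects unencoded."""
    return {name: unencoded_specials(fetch(probe))
            for name, probe in replace_each_param(url)}


if __name__ == "__main__":
    sample = "http://app.example/search?q=a&name=b&lang=en&id=7"  # constructed URL
    for name, chars in audit(sample).items():
        print(f"{name}: {chars or 'encoded or not reflected'}")
```

A parameter that returns an empty list is either not reflected or correctly output-encoded; `name` shows the partial case, where angle brackets are encoded but quotes are not, which still matters when the value lands inside an HTML attribute.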
If you want to understand the operation of each tool from this zoo, you can do it here:
- cd to the rxssplorer directory;
- Install requirements:
pip3 install -r requirements.txt
- Install each tool listed in the paragraph above
P.S. An installation script will be here soon.