Code Monkey home page Code Monkey logo

xss_vibes_windowsed's Introduction

I DID NOT CREATE THIS!

I merely changed my version to work on windows, instead of linux terminal.

I used a python IDE to run it, like PYCHARM.

##################################################

XSS_VIBES

"Experience the Vibes of Security with xss_vibes"

alt_text

What's New?

  • Added threads feature: You can now specify the threads to send multiple request at the same time!(Details given below)
  • Improved Payloads: The payloads are now more accurate to the target
  • Single URL Scan: Now you can scan single url by using -u flag.
  • Headers: You can now add your custom headers to test authenticated or restricted endpoints!
  • Improved Adder.py: Now you can payloads directly from a file! The new adder.py can automatically detect all the dangerous characters.
  • WAF: This tool can now detect web application firewalls and then use specialized payloads to bypasss them.
  • Custom WAF: You can choose payloads that are designed for specific waf.

FEATURES

  • Customizable: You can add your custom payload using adder.py
  • Dynamic: The tool will prioritize the payloads based on the target's behavior
  • Scalable: You can use this tool on bunch of links
  • Speed: Send concurrent request to multiple urls

I N S T A L L A T I O N

1. Clone the repository: git clone https://github.com/faiyazahmad07/xss_vibes
2. Install the requirements file: pip3 install -r requirements
3. Run the main.py file

USAGE

python3 main.py -f <filename> -o <output>

-f: Filename that contains bunch of links
-o: Output filename in which all the vulnerable endpoints is stored
-t: No of threads[Increase the threads if you want more speed] (Max: 10)
-u: Single URL to scan.
-H: Custom Headers.(PLease use , within "" to add multiple headers)

Using  multiple  headers:
python3 main.py -f urls.txt -H "Cookies:test=123;id=asdasd, User-Agent: Mozilla/Firefox" -t 7 -o result.txt

Using  single  header:
python3 main.py -f urls.txt -H "Cookies:test=123;id=asdasd" -t 7 -o result.txt

Scanning single URL:
python3 main.py -u http://example.com/hpp/?pp=12 -o out.txt

Detect waf & scan:
python3 main.py -u http://example.com/hpp/?pp=12 -o out.txt --waf

Specify waf manually:

python3 main.py -u http://example.com/hpp/?pp=12 -o out.txt -w cloudflare

Using PIPE

cat katana.txt | python3 main.py --pipe -t 7

DEMONSTRATION

Video Link

CONTRIBUTORS

xss_vibes_windowsed's People

Contributors

faiyazahmad07 avatar cybersamuraidk avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.