KNOXSS Community Edition troch Brute Logic
Tool for XSS (Cross-Site Scripting) discovery.
365 brûkers365 brûkers
Jo hawwe Firefox nedich om dizze útwreiding te brûken
Metadata útwreiding
Skermôfbyldingen
Oer dizze útwreiding
KNOXSS Community Edition is a FREE standalone version of KNOXSS browser add-on designed to find the main XSS (Cross-Site Scripting) cases shown here.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
Wurdearre: 4 troch 4 beoardielers
Tastimmingen en gegevensMear ynfo
Fereaske machtigingen:
- Notifikaasjes werjaan
- Browserljepblêden benaderje
- Browseraktiviteit wylst navigearjen benaderje
- Jo gegevens foar alle websites benaderje
Mear ynformaasje
- Add-on-keppelingen
- Ferzje
- 0.2.0
- Grutte
- 18,19 KB
- Lêst bywurke
- 6 jierren lyn (12 aug. 2019)
- Sibbe kategoryen
- Lisinsje
- Alle rjochten foarbehâlden
- Ferzjeskiednis
- Tafoegje oan kolleksje
Dizze ûntwikkeler stypje
De ûnwikkeler fan dizze útwreiding freget om stipe foar de trochgeande ûntwikkeling troch it meitsjen fan in lytse bydrage.
Utjefte-opmerkingen foar 0.2.0
Added automatic capture of HTML forms to find XSS with POST method.
Added PoC for XSS with POST method.
Added PoC for XSS with POST method.
Mear útwreidingen fan Brute Logic
Der binne noch gjin wurdearringen- Der binne noch gjin wurdearringen
- Der binne noch gjin wurdearringen
- Der binne noch gjin wurdearringen
- Der binne noch gjin wurdearringen
- Der binne noch gjin wurdearringen