KNOXSS Community Edition by Brute Logic
Tool for XSS (Cross-Site Scripting) discovery.
About this extension
KNOXSS Community Edition is a FREE standalone version of the KNOXSS browser add-on, designed to find the main XSS (Cross-Site Scripting) cases shown here.
In the current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click the add-on's icon in Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY in finding covered cases in regular scenarios (exact reflection of input in response).
Unfortunately, it is very prone to both false positives and false negatives, since it works by parsing the source code rather than by actually detecting JavaScript execution as the main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
Permissions
This add-on needs to:
- Display notifications to you
- Access browser tabs
- Access browser activity during navigation
- Access your data for all websites
Release notes for 0.2.0
Added automatic capture of HTML forms to find XSS with POST method.
Added PoC for XSS with POST method.