KNOXSS Community Edition di Brute Logic
Tool for XSS (Cross-Site Scripting) discovery.
Ti covente Firefox par doprâ cheste estension
Metadâts de estension
Schermadis
Informazions su la estension
KNOXSS Community Edition is a FREE standalone version of KNOXSS browser add-on designed to find the main XSS (Cross-Site Scripting) cases shown here.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
In current version (beta 0.2.0) it can detect all XSS cases below for GET and POST requests. Just open one of the testing URLs and click on add-on's icon in your Firefox.
Main advantages include HIGH SPEED and GOOD EFFICIENCY to find covered cases in regular scenarios (exact reflection of input in response).
Unfortunately it's very prone to both false positive and false negative since it works by parsing the source code not by actual detection of JavaScript execution like main KNOXSS does.
Here are the URLs (XSS cases) for testing:
GET Method:
https://brutelogic.com.br/gxss.php?a=any
https://brutelogic.com.br/gxss.php?b1=any
https://brutelogic.com.br/gxss.php?b2=any
https://brutelogic.com.br/gxss.php?b3=any
https://brutelogic.com.br/gxss.php?b4=any
https://brutelogic.com.br/gxss.php?c1=any
https://brutelogic.com.br/gxss.php?c2=any
https://brutelogic.com.br/gxss.php?c3=any
https://brutelogic.com.br/gxss.php?c4=any
https://brutelogic.com.br/gxss.php?c5=any
https://brutelogic.com.br/gxss.php?c6=any
POST Method:
http://testphp.vulnweb.com/
https://demo.testfire.net/
https://brutelogic.com.br/pxss.php
Feedback is welcome @brutelogic.
Valute la tĂ´ esperience
Sosten chest svilupadĂ´r
Il svilupadôr di cheste estension ti domande di sostignÎlu tal so disvilup continuatÎf fasint une piçule donazion.
PermèsPlui informazions
Chest component adizionâl al à bisugne di:
- Mostrâti notifichis
- Acedi aes schedis dal navigadĂ´r
- Acedi ae ativitât dal navigadôr dulinvie la navigazion
- Acedi ai tiei dâts di ducj i sÎts web
Altris informazions
- Colegaments component adizionâl
- Version
- 0.2.0
- Dimension
- 18,19 kB
- Ultin inzornament
- pred 6 rokmi (12. aug 2019)
- Categoriis coreladis
- Licence
- Ducj i dirits riservâts
- Cronologjie versions
Zonte ae racuelte
Notis di publicazion pe version 0.2.0
Added automatic capture of HTML forms to find XSS with POST method.
Added PoC for XSS with POST method.
Added PoC for XSS with POST method.
Altris estensions di Brute Logic
No son ancjemò valutazions- No son ancjemò valutazions
- No son ancjemò valutazions
- No son ancjemò valutazions
- No son ancjemò valutazions
- No son ancjemò valutazions