xssbase


Namexssbase JSON
Version 5.0.1 PyPI version JSON
download
home_pagehttps://mrfidal.in/cyber-security/xssbase
SummaryXSSBase: A tool for testing XSS vulnerabilities on websites.
upload_time2024-10-18 18:56:30
maintainerNone
docs_urlNone
authorMrFidal
requires_pythonNone
licenseMIT
keywords xss cross-site scripting vulnerability scanning security mrfidal
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # XSSbase

XSSbase is a professional tool designed to help web developers scan for Cross-Site Scripting (XSS) vulnerabilities. It automates the process of testing web applications for XSS vulnerabilities by using a set of predefined payloads or custom payloads provided by the user.

- **Full Documentation**: <a href="https://bytebreach.github.io/pdf/xssbase-Full-Commands.pdf">Link</a>
- **Basic XSS (Cross-Site Scripting) Vulnerable HTML Code**: <a href="https://github.com/ByteBreach/xssbase-test">Link</a>

## Features

- **Automated XSS Testing**: Scans web applications for XSS vulnerabilities using a list of predefined or user-specified payloads.
- **Platform Support**: Currently supports Windows.
- **Custom Payloads**: Allows users to provide their own payloads for testing.
- **Error Handling**: Handles stale element reference errors gracefully and retries automatically.
- **Comprehensive Reports**: Provides detailed information about detected XSS vulnerabilities.
- **Payload List URL**: Displays a URL to a list of useful XSS payloads.

## Benefits

- **Time-Saving**: Automates the tedious process of testing for XSS vulnerabilities, saving developers valuable time.
- **Improved Security**: Helps in identifying and fixing XSS vulnerabilities, enhancing the overall security of web applications.
- **Customizable**: Users can use their own payloads for testing, making it highly customizable for specific needs.

## Payload Examples

Here are a few sample XSS payloads that XSSbase can use:

1. `<script>alert('XSS')</script>`
2. `<img src=x onerror=alert('XSS')>`
3. `<svg onload=alert('XSS')>`
4. `"><script>alert('XSS')</script>`
5. `<body onload=alert('XSS')>`

For a comprehensive collection of XSS payloads, refer to the [payloadbox XSS payload list](https://github.com/payloadbox/xss-payload-list/blob/master/Intruder/xss-payload-list.txt).

## Payload List

A comprehensive list of useful XSS payloads is available at: <a href="https://mrfidal.in/cyber-security/xssbase/payload-list.html">Click Here</a>

## Installation

Currently, XSSbase is only compatible with Windows. To install, use the following command:

```sh
pip install xssbase
```

## Usage

### Basic Usage

To test a URL for XSS vulnerabilities using the predefined payloads:
```sh
xssbase --url <URL>
```
### Using Custom Payloads

To test a URL for XSS vulnerabilities using custom payloads from a file:
```sh
xssbase --url <URL> --payload <payload-file.txt>
```
### Example

To test http://example.com for XSS vulnerabilities using predefined payloads:
```sh
xssbase --url http://example.com
```
To test http://example.com for XSS vulnerabilities using payloads from `custom-payloads.txt`:
```sh
xssbase --url http://example.com --payload custom-payloads.txt
```

### Arguments

`--url`: The URL to test for XSS vulnerabilities (required).

`--payload`: The file containing custom XSS payloads (optional).


### License
This project is licensed under the MIT <a href="https://pypi.org/project/xssbase/#description">License</a>. See the LICENSE file for details.

### Disclaimer
This tool is intended for educational purposes and for use by web developers to secure their own applications. Unauthorized or malicious use is strictly prohibited.

            

Raw data

            {
    "_id": null,
    "home_page": "https://mrfidal.in/cyber-security/xssbase",
    "name": "xssbase",
    "maintainer": null,
    "docs_url": null,
    "requires_python": null,
    "maintainer_email": null,
    "keywords": "xss, cross-site scripting, vulnerability, scanning, security, mrfidal",
    "author": "MrFidal",
    "author_email": "mrfidal@proton.me",
    "download_url": "https://files.pythonhosted.org/packages/5a/34/c492c95c1ed03bdc0b47bc97da25ae07e12ca30418abd260bcfef1b9d572/xssbase-5.0.1.tar.gz",
    "platform": null,
    "description": "# XSSbase\r\n\r\nXSSbase is a professional tool designed to help web developers scan for Cross-Site Scripting (XSS) vulnerabilities. It automates the process of testing web applications for XSS vulnerabilities by using a set of predefined payloads or custom payloads provided by the user.\r\n\r\n- **Full Documentation**: <a href=\"https://bytebreach.github.io/pdf/xssbase-Full-Commands.pdf\">Link</a>\r\n- **Basic XSS (Cross-Site Scripting) Vulnerable HTML Code**: <a href=\"https://github.com/ByteBreach/xssbase-test\">Link</a>\r\n\r\n## Features\r\n\r\n- **Automated XSS Testing**: Scans web applications for XSS vulnerabilities using a list of predefined or user-specified payloads.\r\n- **Platform Support**: Currently supports Windows.\r\n- **Custom Payloads**: Allows users to provide their own payloads for testing.\r\n- **Error Handling**: Handles stale element reference errors gracefully and retries automatically.\r\n- **Comprehensive Reports**: Provides detailed information about detected XSS vulnerabilities.\r\n- **Payload List URL**: Displays a URL to a list of useful XSS payloads.\r\n\r\n## Benefits\r\n\r\n- **Time-Saving**: Automates the tedious process of testing for XSS vulnerabilities, saving developers valuable time.\r\n- **Improved Security**: Helps in identifying and fixing XSS vulnerabilities, enhancing the overall security of web applications.\r\n- **Customizable**: Users can use their own payloads for testing, making it highly customizable for specific needs.\r\n\r\n## Payload Examples\r\n\r\nHere are a few sample XSS payloads that XSSbase can use:\r\n\r\n1. `<script>alert('XSS')</script>`\r\n2. `<img src=x onerror=alert('XSS')>`\r\n3. `<svg onload=alert('XSS')>`\r\n4. `\"><script>alert('XSS')</script>`\r\n5. `<body onload=alert('XSS')>`\r\n\r\nFor a comprehensive collection of XSS payloads, refer to the [payloadbox XSS payload list](https://github.com/payloadbox/xss-payload-list/blob/master/Intruder/xss-payload-list.txt).\r\n\r\n## Payload List\r\n\r\nA comprehensive list of useful XSS payloads is available at: <a href=\"https://mrfidal.in/cyber-security/xssbase/payload-list.html\">Click Here</a>\r\n\r\n## Installation\r\n\r\nCurrently, XSSbase is only compatible with Windows. To install, use the following command:\r\n\r\n```sh\r\npip install xssbase\r\n```\r\n\r\n## Usage\r\n\r\n### Basic Usage\r\n\r\nTo test a URL for XSS vulnerabilities using the predefined payloads:\r\n```sh\r\nxssbase --url <URL>\r\n```\r\n### Using Custom Payloads\r\n\r\nTo test a URL for XSS vulnerabilities using custom payloads from a file:\r\n```sh\r\nxssbase --url <URL> --payload <payload-file.txt>\r\n```\r\n### Example\r\n\r\nTo test http://example.com for XSS vulnerabilities using predefined payloads:\r\n```sh\r\nxssbase --url http://example.com\r\n```\r\nTo test http://example.com for XSS vulnerabilities using payloads from `custom-payloads.txt`:\r\n```sh\r\nxssbase --url http://example.com --payload custom-payloads.txt\r\n```\r\n\r\n### Arguments\r\n\r\n`--url`: The URL to test for XSS vulnerabilities (required).\r\n\r\n`--payload`: The file containing custom XSS payloads (optional).\r\n\r\n\r\n### License\r\nThis project is licensed under the MIT <a href=\"https://pypi.org/project/xssbase/#description\">License</a>. See the LICENSE file for details.\r\n\r\n### Disclaimer\r\nThis tool is intended for educational purposes and for use by web developers to secure their own applications. Unauthorized or malicious use is strictly prohibited.\r\n",
    "bugtrack_url": null,
    "license": "MIT",
    "summary": "XSSBase: A tool for testing XSS vulnerabilities on websites.",
    "version": "5.0.1",
    "project_urls": {
        "Homepage": "https://mrfidal.in/cyber-security/xssbase"
    },
    "split_keywords": [
        "xss",
        " cross-site scripting",
        " vulnerability",
        " scanning",
        " security",
        " mrfidal"
    ],
    "urls": [
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "87e3ce44a7defad3ff60cd67c5818759629ef5a908e22f10650978158bccb26f",
                "md5": "7147e8ff9f6a954c02c3ff3307ccd97a",
                "sha256": "d2ac9ee553a4dd62062e41635e2e4660f4d3f8891bbc4b92d2a52dd1b606609f"
            },
            "downloads": -1,
            "filename": "xssbase-5.0.1-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "7147e8ff9f6a954c02c3ff3307ccd97a",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": null,
            "size": 8015,
            "upload_time": "2024-10-18T18:56:28",
            "upload_time_iso_8601": "2024-10-18T18:56:28.798373Z",
            "url": "https://files.pythonhosted.org/packages/87/e3/ce44a7defad3ff60cd67c5818759629ef5a908e22f10650978158bccb26f/xssbase-5.0.1-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": "",
            "digests": {
                "blake2b_256": "5a34c492c95c1ed03bdc0b47bc97da25ae07e12ca30418abd260bcfef1b9d572",
                "md5": "e8815dd584a2b6521a0dad65b2fe0fe6",
                "sha256": "e1a3e43b3eff3d5b8d00902713086b953586747a4b23377a9c87dc79a306d276"
            },
            "downloads": -1,
            "filename": "xssbase-5.0.1.tar.gz",
            "has_sig": false,
            "md5_digest": "e8815dd584a2b6521a0dad65b2fe0fe6",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": null,
            "size": 8146,
            "upload_time": "2024-10-18T18:56:30",
            "upload_time_iso_8601": "2024-10-18T18:56:30.827201Z",
            "url": "https://files.pythonhosted.org/packages/5a/34/c492c95c1ed03bdc0b47bc97da25ae07e12ca30418abd260bcfef1b9d572/xssbase-5.0.1.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2024-10-18 18:56:30",
    "github": false,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "lcname": "xssbase"
}
        
Elapsed time: 1.60448s