femtopixel/xsstrike
Advanced XSS Detection Suite - Docker image (Multiarch)
1.7K
This image allows you to have XSStrike installed easily thanks to Docker.
docker run --rm -ti femtopixel/xsstrike
XSStrike v3.1.4
usage: xsstrike.py [-h] [-u target] [--data paramdata] [-e encode] [--fuzzer]
[--update] [--timeout timeout] [--proxy] [--params]
[--crawl] [--json] [--path] [--seeds args_seeds]
[-f args_file] [-l level] [--headers [add_headers]]
[-t threadcount] [-d delay] [--skip] [--skip-dom] [--blind]
[--console-log-level {debug,info,run,good,warning,error,critical,vuln}]
[--file-log-level {debug,info,run,good,warning,error,critical,vuln}]
[--log-file log_file]
optional arguments:
-h, --help show this help message and exit
-u target, --url target
url
--data paramdata post data
-e encode, --encode encode
encode payloads
--fuzzer fuzzer
--update update
--timeout timeout timeout
--proxy use prox(y|ies)
--params find params
--crawl crawl
--json treat post data as json
--path inject payloads in the path
--seeds args_seeds load crawling seeds from a file
-f args_file, --file args_file
load payloads from a file
-l level, --level level
level of crawling
--headers [add_headers]
add headers
-t threadcount, --threads threadcount
number of threads
-d delay, --delay delay
delay between requests
--skip don't ask to continue
--skip-dom skip dom checking
--blind inject blind xss payload while crawling
--console-log-level {debug,info,run,good,warning,error,critical,vuln}
console logging level
--file-log-level {debug,info,run,good,warning,error,critical,vuln}
file logging level
--log-file log_file name of the file to log
Just pass the parameters after the command. (eg. docker run --rm -ti femtopixel/xsstrike -u https://www.example.com
)
If you don't have Docker installed yet, you can do it easily in one line using this command
curl -sSL "https://gist.githubusercontent.com/jaymoulin/e749a189511cd965f45919f2f99e45f3/raw/0e650b38fde684c4ac534b254099d6d5543375f1/ARM%2520(Raspberry%2520PI)%2520Docker%2520Install" | sudo sh && sudo usermod -aG docker $USER
docker pull femtopixel/xsstrike