hackingtool/tools/xss_attack.py
2020-12-14 12:29:44 -05:00

146 lines
4.6 KiB
Python

# coding=utf-8
import os
import subprocess
from core import HackingTool
from core import HackingToolsCollection
class Dalfox(HackingTool):
TITLE = "DalFox(Finder of XSS)"
DESCRIPTION = "XSS Scanning and Parameter Analysis tool."
INSTALL_COMMANDS = [
"sudo apt-get install golang",
"sudo git clone https://github.com/hahwul/dalfox",
"cd dalfox;go install"
]
RUN_COMMANDS = [
"~/go/bin/dalfox",
'echo "You Need To Run manually by using [!]~/go/bin/dalfox [options]"'
]
PROJECT_URL = "https://github.com/hahwul/dalfox"
class XSSPayloadGenerator(HackingTool):
TITLE = "XSS Payload Generator"
DESCRIPTION = "XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER"
INSTALL_COMMANDS = [
"git clone https://github.com/capture0x/XSS-LOADER.git",
"cd XSS-LOADER;sudo pip3 install -r requirements.txt"
]
RUN_COMMANDS = ["cd XSS-LOADER;sudo python3 payloader.py"]
PROJECT_URL = "https://github.com/capture0x/XSS-LOADER.git"
class XSSFinder(HackingTool):
TITLE = "Extended XSS Searcher and Finder"
DESCRIPTION = "Extended XSS Searcher and Finder"
INSTALL_COMMANDS = [
"git clone https://github.com/Damian89/extended-xss-search.git"]
PROJECT_URL = "https://github.com/Damian89/extended-xss-search"
def after_install(self):
print("""\033[96m
Follow This Steps After Installation:-
\033[31m [*] Go To extended-xss-search directory,
and Rename the example.app-settings.conf to app-settings.conf
""")
input("Press ENTER to continue")
def run(self):
print("""\033[96m
You have To Add Links to scan
\033[31m[!] Go to extended-xss-search
[*] config/urls-to-test.txt
[!] python3 extended-xss-search.py
""")
class XSSFreak(HackingTool):
TITLE = "XSS-Freak"
DESCRIPTION = "XSS-Freak is an XSS scanner fully written in python3 from scratch"
INSTALL_COMMANDS = [
"git clone https://github.com/PR0PH3CY33/XSS-Freak.git",
"cd XSS-Freak;sudo pip3 install -r requirements.txt"
]
RUN_COMMANDS = ["cd XSS-Freak;sudo python3 XSS-Freak.py"]
PROJECT_URL = "https://github.com/PR0PH3CY33/XSS-Freak"
class XSpear(HackingTool):
TITLE = "XSpear"
DESCRIPTION = "XSpear is XSS Scanner on ruby gems"
INSTALL_COMMANDS = ["gem install XSpear"]
RUN_COMMANDS = ["XSpear -h"]
PROJECT_URL = "https://github.com/hahwul/XSpear"
class XSSCon(HackingTool):
TITLE = "XSSCon"
INSTALL_COMMANDS = [
"git clone https://github.com/menkrep1337/XSSCon.git",
"sudo chmod 755 -R XSSCon"
]
PROJECT_URL = "https://github.com/menkrep1337/XSSCon"
def run(self):
website = input("Enter Website >> ")
os.system("cd XSSCon;")
subprocess.run(["python3", "xsscon.py", "-u", website])
class XanXSS(HackingTool):
TITLE = "XanXSS"
DESCRIPTION = "XanXSS is a reflected XSS searching tool\n " \
"that creates payloads based from templates"
INSTALL_COMMANDS = ["git clone https://github.com/Ekultek/XanXSS.git"]
PROJECT_URL = "https://github.com/Ekultek/XanXSS"
def run(self):
os.system("cd XanXSS ;python xanxss.py -h")
print("\033[96m You Have to run it manually By Using\n"
" [!]python xanxss.py [Options]")
class XSSStrike(HackingTool):
TITLE = "Advanced XSS Detection Suite"
DESCRIPTION = "XSStrike is a python script designed to detect and exploit XSS vulnerabilites."
INSTALL_COMMANDS = [
"sudo rm -rf XSStrike",
"git clone https://github.com/UltimateHackers/XSStrike.git "
"&& cd XSStrike && pip install -r requirements.txt"
]
PROJECT_URL = "https://github.com/UltimateHackers/XSStrike"
def __init__(self):
super(XSSStrike, self).__init__(runnable = False)
class RVuln(HackingTool):
TITLE = "RVuln"
DESCRIPTION = "RVuln is multi-threaded and Automated Web Vulnerability " \
"Scanner written in Rust"
INSTALL_COMMANDS = [
"sudo git clone https://github.com/iinc0gnit0/RVuln.git;"
"curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;"
"source $HOME/.cargo/env",
"sudo apt install openssl-dev;sudo cp -r RVuln/ /usr/bin"
]
RUN_COMMANDS = ["RVuln"]
PROJECT_URL = "https://github.com/iinc0gnit0/RVuln"
class XSSAttackTools(HackingToolsCollection):
TITLE = "XSS Attack Tools"
TOOLS = [
Dalfox(),
XSSPayloadGenerator(),
XSSFinder(),
XSSFreak(),
XSpear(),
XSSCon(),
XanXSS(),
XSSStrike(),
RVuln()
]