anti-XSS:开源XSS脚本检测工具

华盟原创文章投稿奖励计划

anti-XSS: An open source XSS vulnerability scanner. 通过一段时间的设计、编码和测试工作,我在Github上发布了我的开源XSS脚本扫描工具anti-XSS

anti-XSS采用Python编写,除了必要的系统库和报告生成库,没有引入任何第三方库。通过迭代和二次开发,anti-XSS不仅可以在远端对目标站点进行XSS脚本的探测扫描,同时还可以部署在服务器上监控Web环境。

项目地址:https://github.com/lewangbtcc/anti-XSS

目前发布的版本为anti-XSS Pre-Release v0.1-alpha,相信经过一段时间的测试和开发,Release V1.0能够很快发布。

anti-XSS

anti-XSS is an open source XSS scanning tool which comes with a powerful detection engine. It automates the process of detecting as well as mining XSS scripts and generate the scanning report automatically.

Requirements

Installation

You can download the latest zipball by clicking here.

Preferably, you can download anti-XSS by cloning the Git repository and then install requirements.

$ git clone https://git@github.com:lewangbtcc/anti-XSS.git anti-XSS
$ cd anti-XSS
$ pip install -r requirements.txt

anti-XSS works out of the box with Python version 2.7.x on any platform.

Usage

To get a list of basic options and switches use:

python anti-XSS.py -h

or:

python anti-XSS.py --help
华盟知识星球入口

To get an overview of anti-XSS capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the user’s manual.

Links

Acknowledgement

本文原创,作者:congtou,其版权均为华盟网所有。如需转载,请注明出处:https://www.77169.net/html/25756.html

发表评论