anti-XSS:开源XSS脚本检测工具

congtou 2016-10-20 工具介绍 0 1

anti-XSS: An open source XSS vulnerability scanner. 通过一段时间的设计、编码和测试工作,我在Github上发布了我的开源XSS脚本扫描工具anti-XSS

anti-XSS采用Python编写,除了必要的系统库和报告生成库,没有引入任何第三方库。通过迭代和二次开发,anti-XSS不仅可以在远端对目标站点进行XSS脚本的探测扫描,同时还可以部署在服务器上监控Web环境。

项目地址:https://github.com/lewangbtcc/anti-XSS

目前发布的版本为anti-XSS Pre-Release v0.1-alpha,相信经过一段时间的测试和开发,Release V1.0能够很快发布。

anti-XSS

anti-XSS is an open source XSS scanning tool which comes with a powerful detection engine. It automates the process of detecting as well as mining XSS scripts and generate the scanning report automatically.

Requirements

Installation

You can download the latest zipball by clicking here.

Preferably, you can download anti-XSS by cloning the Git repository and then install requirements.

$ git clone https://git@github.com:lewangbtcc/anti-XSS.git anti-XSS
$ cd anti-XSS
$ pip install -r requirements.txt

anti-XSS works out of the box with Python version 2.7.x on any platform.

Usage

To get a list of basic options and switches use:

python anti-XSS.py -h

or:

python anti-XSS.py --help

To get an overview of anti-XSS capabilities, list of supported features and description of all options and switches, along with examples, you are advised to consult the user’s manual.

Links

Acknowledgement

转载请注明来自华盟网,本文标题:《anti-XSS:开源XSS脚本检测工具》

喜欢 (1) 发布评论