XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads. It is intelligent enough to detect and break out of various contexts.
Made with 
by Somdev Sangwan
- GET & POST method support
- Cookie Support
- WAF Fingerprinting
- Hand crafted payloads for filter and WAF evasion
- Powerful fuzzing engine
- Context breaking technology
- Intelligent payload generation
- Accurate results via levenshtein distance algorithm
more to come...
XSStrike is compatible with all *nix based operating systems running Python 2.7. Why not windows? My life, my rules. My code, my tools. Just kidding, it will run on windows as well but you will see some weird codes instead of color. First of all clone the repo by entering the following command in terminal
git clone https://github.com/UltimateHackers/XSStrikeNow naviagte to XSStrike directory
cd XSStrikeNow install the requirements with the following command
pip install -r requirements.txtNow you can run XSStrike
python xsstrike
Want to contribute? What are you waiting for? Fork it and hit up with a pull request.
Want to sponsor? Mail me at [email protected]