import argparse
import requests
import concurrent.futures
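class XSSScanner:
    """Check which payloads from a file are echoed back verbatim by a URL.

    Each payload is appended to ``url`` and requested with GET. A payload is
    reported when its exact text appears in the response body.

    NOTE(review): a verbatim echo is only an indicator. The check looks at
    neither the response Content-Type nor where in the markup the text
    lands, so each hit needs manual confirmation before it is treated as a
    finding.
    """

    def __init__(self, url, payload_file):
        """Store the target and the location of the payload list.

        Args:
            url: Target URL. The payload is concatenated directly onto it,
                so it should end where the tested value belongs (for
                example right after ``?param=``).
            payload_file: Path to a text file with one payload per line.
        """
        self.url = url
        self.payload_file = payload_file

    def scan(self, payload):
        """Request the URL with one payload and report a verbatim echo.

        Args:
            payload: One line from the payload file. Surrounding whitespace
                is stripped before use.

        Request failures are printed and otherwise ignored, so one failed
        request does not stop the remaining payloads.
        """
        candidate = payload.strip()
        if not candidate:
            # An empty string is a substring of every response body, so a
            # blank line in the payload file would always be reported as a
            # hit. Skip it without sending a request.
            return
        try:
            response = requests.get(self.url + candidate, timeout=5)
        except requests.RequestException as e:
            print("Error:", e)
            return
        # NOTE(review): requests may percent-encode characters while it
        # builds the request URL, so the server may not receive the exact
        # text compared here. Verify against the traffic actually sent.
        if candidate in response.text:
            print("[+] Found Reflected XSS: " + candidate)

    def run(self):
        """Run ``scan`` for every line of the payload file on a thread pool.

        The iterator returned by ``executor.map`` is not consumed, so an
        exception raised inside ``scan`` that it does not handle itself is
        not re-raised here.
        """
        with open(self.payload_file) as payloads, \
                concurrent.futures.ThreadPoolExecutor() as executor:
            executor.map(self.scan, payloads)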
def parse_arguments():
    """Parse the command line and return the resulting namespace.

    Options:
        -u / --url: target URL (optional; ``None`` when omitted).
        -f / --payload-file: payload list, defaulting to
            ``reflected-xss-payloads.txt``.
    """
    cli = argparse.ArgumentParser()
    cli.add_argument(
        "-u",
        "--url",
        type=str,
        help="Target URL",
    )
    cli.add_argument(
        "-f",
        "--payload-file",
        type=str,
        default="reflected-xss-payloads.txt",
        help="Payload file",
    )
    return cli.parse_args()
if __name__ == "__main__":
    # Script entry point: a target URL is needed before anything is requested.
    args = parse_arguments()
    if not args.url:
        print("Please provide a target URL using the -u/--url option.")
    else:
        XSSScanner(args.url, args.payload_file).run()