Skip to content

ZFake/sh3rlock-XSS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
checker.py
checker.py
 
 
greeting.py
greeting.py
 
 
install.sh
install.sh
 
 
main.py
main.py
 
 
requirements.txt
requirements.txt
 
 
xss.txt
xss.txt
 
 

Repository files navigation

sh3rlock

Installation

bash install.sh

The tool works by launching a Firefox (version 52+) in headless mode to check for XSS alerts, so make sure you have it installed.

Or just do a dist-upgrade to the latest kali version.

  • Tested On: Kali Linux, Parrot Security, Ubuntu, Debian.

Usage

python main.py -u txt_with_urls_you_want_to_check_for_xss.txt

Disclaimer

Sh3rlock framework is intended to be used for legal security purposes only, and you should only use it to protect networks/hosts you own or have permission to test. Any other use is not the responsibility of the developer(s). Be sure that you understand and are complying with the Sh3rlock licenses and laws in your area. In other words, don't be stupid, don't be an asshole, and use this tool responsibly and legally.

About

XSS Testing Scanner Framework

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages