GitHub Repository: Z4nzu/hackingtool
Path: blob/master/tools/xss_attack.py
# coding=utf-8
import os
import subprocess
from rich.console import Console
from rich.panel import Panel
from rich.prompt import Prompt
from rich.table import Table
from core import HackingTool
from core import HackingToolsCollection
# Module-wide rich console; the classes below print their panels, tables and
# messages through it.
console = Console()
class Dalfox(HackingTool):
    """Menu entry for DalFox, an XSS scanner and parameter-analysis tool.

    The class carries data only: display metadata plus the shell command
    strings used to install and start DalFox. How HackingTool executes those
    strings is defined in ``core`` and is not visible in this file.
    """

    PROJECT_URL = "https://github.com/hahwul/dalfox"
    TITLE = "DalFox (Finder of XSS)"
    DESCRIPTION = "XSS Scanning and Parameter Analysis tool."

    # NOTE(review): the clone tracks the default branch with no tag or commit
    # pinned, so every install builds whatever upstream currently serves.
    # NOTE(review): `git clone` runs under sudo while `go install` does not; if
    # the menu is not itself started as root this leaves a root-owned checkout
    # for an unprivileged build -- confirm the sudo on the clone is needed.
    INSTALL_COMMANDS = [
        "sudo apt-get install golang",
        "sudo git clone https://github.com/hahwul/dalfox",
        "cd dalfox;go install",
    ]

    # First entry starts the binary from ~/go/bin without arguments; the second
    # only echoes a usage hint for the operator.
    RUN_COMMANDS = [
        "~/go/bin/dalfox",
        'echo "You Need To Run manually by using [!]~/go/bin/dalfox [options]"',
    ]
class XSSPayloadGenerator(HackingTool):
    """Menu entry for XSS-LOADER (payload generator, scanner and dork finder).

    Data only: display metadata and the shell command strings for install
    and launch. Execution of the strings is handled by HackingTool in
    ``core``, which is not visible in this file.
    """

    PROJECT_URL = "https://github.com/capture0x/XSS-LOADER.git"
    TITLE = "XSS Payload Generator"
    DESCRIPTION = "XSS PAYLOAD GENERATOR - XSS SCANNER - XSS DORK FINDER"

    # NOTE(review): requirements are installed with `sudo pip3`, so package
    # build/install hooks execute as root and the packages land in the system
    # interpreter; a virtualenv owned by the operator would avoid both --
    # confirm before changing.
    INSTALL_COMMANDS = [
        "git clone https://github.com/capture0x/XSS-LOADER.git",
        "cd XSS-LOADER;sudo pip3 install -r requirements.txt",
    ]

    # NOTE(review): payloader.py from an unpinned checkout is started under
    # sudo; nothing on this page shows that it needs root.
    RUN_COMMANDS = ["cd XSS-LOADER;sudo python3 payloader.py"]
class XSSFinder(HackingTool):
    """Menu entry for extended-xss-search.

    Installation is a plain clone; both hooks below only print instructions,
    the scanner itself is never started from this class.
    """

    TITLE = "Extended XSS Searcher and Finder"
    DESCRIPTION = "Extended XSS Searcher and Finder"
    PROJECT_URL = "https://github.com/Damian89/extended-xss-search"
    # NOTE(review): unpinned clone of the default branch.
    INSTALL_COMMANDS = [
        "git clone https://github.com/Damian89/extended-xss-search.git",
    ]

    def after_install(self):
        """Show the manual configuration steps, then block until ENTER is pressed."""
        steps = (
            "[bold cyan]Follow These Steps After Installation:[/bold cyan]\n"
            "[red]*[/red] Go to [yellow]extended-xss-search[/yellow] directory\n"
            "[green]*[/green] Rename [bold]example.app-settings.conf[/bold] → [bold]app-settings.conf[/bold]"
        )
        notes_panel = Panel.fit(
            steps,
            title="[ Install Notes ]",
            border_style="magenta",
        )
        console.print(notes_panel)
        input("Press ENTER to continue")

    def run(self):
        """Print where to list the URLs to test and how to start the scanner by hand."""
        instructions = (
            "[bold cyan]You need to add links to scan[/bold cyan]\n"
            "[red]*[/red] Go to [yellow]extended-xss-search/config/urls-to-test.txt[/yellow]\n"
            "[green]*[/green] Run: [bold]python3 extended-xss-search.py[/bold]"
        )
        run_panel = Panel.fit(
            instructions,
            title="[ Run Instructions ]",
            border_style="blue",
        )
        console.print(run_panel)
class XSSFreak(HackingTool):
    """Menu entry for XSS-Freak, an XSS scanner written in Python 3.

    Data only: display metadata and the shell command strings for install
    and launch; HackingTool (in ``core``, not visible here) runs them.
    """

    PROJECT_URL = "https://github.com/PR0PH3CY33/XSS-Freak"
    TITLE = "XSS-Freak"
    DESCRIPTION = "An XSS scanner fully written in Python 3 from scratch."

    # NOTE(review): unpinned clone followed by `sudo pip3 install`, so the
    # dependency install hooks run as root against the system interpreter.
    INSTALL_COMMANDS = [
        "git clone https://github.com/PR0PH3CY33/XSS-Freak.git",
        "cd XSS-Freak;sudo pip3 install -r requirements.txt",
    ]

    # NOTE(review): the scanner is launched under sudo; this page gives no
    # reason why root is required -- confirm.
    RUN_COMMANDS = ["cd XSS-Freak;sudo python3 XSS-Freak.py"]
class XSpear(HackingTool):
    """Menu entry for XSpear, an XSS scanner distributed as a Ruby gem.

    Data only; the run command just prints the gem's help output.
    """

    PROJECT_URL = "https://github.com/hahwul/XSpear"
    TITLE = "XSpear"
    DESCRIPTION = "XSpear is an XSS Scanner built on Ruby Gems."

    # NOTE(review): no gem version is given, so the installed release is
    # whatever the gem source currently resolves for this name.
    INSTALL_COMMANDS = [
        "gem install XSpear",
    ]
    RUN_COMMANDS = [
        "XSpear -h",
    ]
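class XSSCon(HackingTool):
    """Menu entry that installs XSSCon and runs it against a URL typed by the operator."""

    TITLE = "XSSCon"
    # NOTE(review): unpinned clone of the default branch; the chmod then marks
    # every file in the checkout 755.
    INSTALL_COMMANDS = [
        "git clone https://github.com/menkrep1337/XSSCon.git",
        "sudo chmod 755 -R XSSCon"
    ]
    PROJECT_URL = "https://github.com/menkrep1337/XSSCon"

    def run(self):
        """Prompt for a target URL and run xsscon.py from the XSSCon checkout.

        The previous implementation called ``os.system("cd XSSCon;")`` before
        launching the script. That ``cd`` only affected the short-lived shell
        spawned by ``os.system``, so ``xsscon.py`` was then looked up in the
        caller's working directory instead of the checkout. The working
        directory is now passed to the child process directly.
        """
        console.print(Panel.fit(
            "Enter target website to scan with XSSCon:",
            title="[bold yellow]XSSCon[/bold yellow]",
            border_style="bright_yellow"
        ))
        website = Prompt.ask("[bold cyan]Enter Website[/bold cyan]").strip()

        # The value is passed as the argument of -u. An empty string or one
        # that starts with "-" would be read as a missing value or as another
        # option by the child, so it is rejected before anything is started.
        if not website or website.startswith("-"):
            console.print("[bold red]Please enter a website URL.[/bold red]")
            return

        try:
            # Argument list (no shell), so the typed value is never parsed by
            # a shell; cwd= makes the relative script path resolve inside the
            # checkout created by INSTALL_COMMANDS.
            subprocess.run(["python3", "xsscon.py", "-u", website], cwd="XSSCon")
        except (FileNotFoundError, NotADirectoryError):
            # Raised when the XSSCon directory or the python3 executable is missing.
            console.print(
                "[bold red]Could not start XSSCon: install it first and make sure "
                "python3 is on PATH.[/bold red]"
            )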
class XanXSS(HackingTool):
    """Menu entry for XanXSS, a reflected-XSS search tool driven by payload templates."""

    TITLE = "XanXSS"
    DESCRIPTION = "Reflected XSS searching tool that creates payloads from templates."
    PROJECT_URL = "https://github.com/Ekultek/XanXSS"
    # NOTE(review): unpinned clone of the default branch.
    INSTALL_COMMANDS = [
        "git clone https://github.com/Ekultek/XanXSS.git",
    ]

    def run(self):
        """Show the XanXSS help text, then tell the operator to run the tool by hand."""
        help_command = "cd XanXSS; python xanxss.py -h"
        manual_hint = (
            "[cyan]You have to run it manually using:[/cyan]\n"
            "[bold yellow]python xanxss.py [options][/bold yellow]"
        )
        # The command is a fixed literal with no operator input in it. The cd
        # and the interpreter call share one shell invocation, so the relative
        # script path resolves inside the checkout.
        # NOTE(review): uses `python` where other entries in this file use
        # `python3` -- confirm which interpreter the tool expects.
        os.system(help_command)
        console.print(manual_hint)
class XSSStrike(HackingTool):
    """Menu entry for XSStrike; defines install commands but no run command."""

    TITLE = "Advanced XSS Detection Suite"
    DESCRIPTION = "XSStrike is a Python-based tool designed to detect and exploit XSS vulnerabilities."
    PROJECT_URL = "https://github.com/UltimateHackers/XSStrike"

    # NOTE(review): `sudo rm -rf XSStrike` is a relative path, so what gets
    # deleted as root depends on the working directory at install time.
    # NOTE(review): unpinned clone, then `pip install` of its requirements;
    # confirm the repository URL still resolves to the intended upstream.
    INSTALL_COMMANDS = [
        "sudo rm -rf XSStrike",
        (
            "git clone https://github.com/UltimateHackers/XSStrike.git "
            "&& cd XSStrike && pip install -r requirements.txt"
        ),
    ]

    def __init__(self):
        """Initialise the base class with ``runnable=False``.

        The meaning of the flag is defined by HackingTool in ``core``;
        presumably it hides the run option for this entry -- confirm there.
        """
        super().__init__(runnable=False)
class RVuln(HackingTool):
    """Menu entry for RVuln, a web vulnerability scanner written in Rust.

    Data only: display metadata plus shell command strings. How HackingTool
    executes them is defined in ``core`` and is not visible in this file.
    """

    TITLE = "RVuln"
    DESCRIPTION = "Multi-threaded and Automated Web Vulnerability Scanner written in Rust."
    # The literals below are not separated by commas, so Python joins them
    # into ONE string: the list holds a single `;`-chained shell command.
    INSTALL_COMMANDS = [
        # NOTE(review): clone runs under sudo and is not pinned to a tag or commit.
        "sudo git clone https://github.com/iinc0gnit0/RVuln.git;"
        # Pipes the downloaded rustup installer script straight into sh.
        # NOTE(review): the script is executed without being saved or
        # inspected first -- consider a packaged toolchain or a checked download.
        "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh;"
        # NOTE(review): `source` is a bash builtin; if the chain is run by a
        # POSIX sh this step may fail -- confirm which shell executes it.
        "source $HOME/.cargo/env;"
        "sudo apt install librust-openssl-dev;"
        # NOTE(review): `sudo su` is given no command, so it presumably opens
        # an interactive root shell and the rest of the chain waits for it to
        # exit; the final `mv` has a source but no destination operand.
        # Both look unintended -- confirm against the upstream instructions.
        "cd RVuln;sudo su;cargo build --release;mv target/release/RVuln"
    ]
    # Expects an `RVuln` executable to be resolvable on PATH.
    RUN_COMMANDS = ["RVuln"]
    PROJECT_URL = "https://github.com/iinc0gnit0/RVuln"
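class XSSAttackTools(HackingToolsCollection):
    """Collection menu that lists the XSS tools of this module and dispatches to one."""

    TITLE = "XSS Attack Tools"
    # One instance per tool class, in the order shown in the menu (index 1..n).
    TOOLS = [
        Dalfox(),
        XSSPayloadGenerator(),
        XSSFinder(),
        XSSFreak(),
        XSpear(),
        XSSCon(),
        XanXSS(),
        XSSStrike(),
        RVuln()
    ]

    def show_info(self):
        """Print the banner panel for this collection."""
        console.print(Panel.fit(
            "[bold magenta]XSS Attack Tools Collection[/bold magenta]\n"
            "A curated set of tools for XSS vulnerability analysis and exploitation.",
            border_style="bright_magenta"
        ))

    def show_options(self, parent=None):
        """Show the tool table and dispatch the operator's choice until exit.

        Args:
            parent: Accepted for interface compatibility with the base class;
                it is not used by this menu.

        Returns:
            99 when the operator selects the exit entry. The menu is shown
            again after every other choice.

        Changes from the earlier recursive version:
            * The menu is redrawn in a loop instead of by calling itself, so
              a long session no longer deepens the call stack.
            * Only a non-numeric entry is treated as an invalid choice. An
              exception raised inside a tool is reported with its traceback
              instead of being shown as "Invalid choice".
            * A number outside the menu range now gets the invalid-choice
              message instead of a silent redraw.
        """
        while True:
            console.print("\n")
            self.show_info()

            table = Table(title="[bold cyan]Available Tools[/bold cyan]", show_lines=True)
            table.add_column("Index", justify="center", style="bold yellow")
            table.add_column("Tool Name", justify="left", style="bold green")
            table.add_column("Description", justify="left", style="white")

            for index, tool in enumerate(self.TOOLS, start=1):
                table.add_row(str(index), tool.TITLE, tool.DESCRIPTION or "—")

            table.add_row("[red]99[/red]", "[bold red]Exit[/bold red]", "Return to Main Menu")
            console.print(table)

            answer = Prompt.ask("[bold cyan]Select a tool to run[/bold cyan]")
            try:
                choice = int(answer)
            except ValueError:
                console.print("[bold red]Invalid choice. Try again.[/bold red]")
                continue

            if choice == 99:
                return 99

            if 1 <= choice <= len(self.TOOLS):
                try:
                    self.TOOLS[choice - 1].show_options(parent=self)
                except Exception:
                    # Keep the menu alive as before, but surface the real
                    # failure so it is not mistaken for a bad menu entry.
                    console.print_exception()
            else:
                console.print("[bold red]Invalid choice. Try again.[/bold red]")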