Skip to content

femtopixel/docker-xsstrike

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Caution

As-of 2021, this product does not have a free support team anymore. If you want this product to be maintained, please support my work.

Note

(This product is available under a free and permissive license, but needs financial support to sustain its continued improvements. In addition to maintenance and stability there are many desirable features yet to be added.)

logo

XSStrike - Docker Image

latest release Docker Pulls Docker stars PayPal donation Buy me a coffee Buy me a coffee

This image allows you to have XSStrike installed easily thanks to Docker.

Usage

docker run --rm -ti femtopixel/xsstrike

	XSStrike v3.1.4


usage: xsstrike.py [-h] [-u target] [--data paramdata] [-e encode] [--fuzzer]
                   [--update] [--timeout timeout] [--proxy] [--params]
                   [--crawl] [--json] [--path] [--seeds args_seeds]
                   [-f args_file] [-l level] [--headers [add_headers]]
                   [-t threadcount] [-d delay] [--skip] [--skip-dom] [--blind]
                   [--console-log-level {debug,info,run,good,warning,error,critical,vuln}]
                   [--file-log-level {debug,info,run,good,warning,error,critical,vuln}]
                   [--log-file log_file]

optional arguments:
  -h, --help            show this help message and exit
  -u target, --url target
                        url
  --data paramdata      post data
  -e encode, --encode encode
                        encode payloads
  --fuzzer              fuzzer
  --update              update
  --timeout timeout     timeout
  --proxy               use prox(y|ies)
  --params              find params
  --crawl               crawl
  --json                treat post data as json
  --path                inject payloads in the path
  --seeds args_seeds    load crawling seeds from a file
  -f args_file, --file args_file
                        load payloads from a file
  -l level, --level level
                        level of crawling
  --headers [add_headers]
                        add headers
  -t threadcount, --threads threadcount
                        number of threads
  -d delay, --delay delay
                        delay between requests
  --skip                don't ask to continue
  --skip-dom            skip dom checking
  --blind               inject blind xss payload while crawling
  --console-log-level {debug,info,run,good,warning,error,critical,vuln}
                        console logging level
  --file-log-level {debug,info,run,good,warning,error,critical,vuln}
                        file logging level
  --log-file log_file   name of the file to log

Just pass the parameters after the command. (eg. docker run --rm -ti femtopixel/xsstrike -u https://www.example.com)

Appendixes

Install Docker

If you don't have Docker installed yet, you can do it easily in one line using this command

curl -sSL "https://gist.githubusercontent.com/jaymoulin/e749a189511cd965f45919f2f99e45f3/raw/0e650b38fde684c4ac534b254099d6d5543375f1/ARM%2520(Raspberry%2520PI)%2520Docker%2520Install" | sudo sh && sudo usermod -aG docker $USER