XssPy, a python tool for detecting Cross Site Scripting vulnerabilities in websites. Instead of just checking one page as most of the tools do, this tool traverses the website and find all the links and sub-domains first. After that, it starts scanning each and every input on each and every page that it found while its traversal. It uses small yet effective payloads to search for XSS vulnerabilities.
The tool has been tested parallel with paid Vulnerability Scanners and most of the scanners failed to detect the vulnerabilities that the tool was able to find.
Moreover, most paid tools scan only one site whereas XssPy first finds a lot of sub-domains and then scan all the links altogether.
The tool comes with:
- Short Scanning
- Comprehensive Scanning
- Finding subdomains
- Checking every input on every page
Note: This tool is created only for educational purpose and not for illegal activities. We are not responsible for any illegal activities that you take part using this tool.