Ch4120N - Ch4120ni@Gmail.com
Finding XSS Vulnerabilities In WebSites By Crawling.
Python3
pip install -r requirements.txt
git clone https://github.com/Ch4120N/Charon-XSS-Scanner
chmod 755 -R Charon-XSS-Scanner
cd Charon-XSS-Scanner
python -m pip install -r requirements.txt
python chxsscan.pyusage: Chxsscan --url <target> [options]
Options:
-h, --help Show usage and help parameters
-u , --url Target url (e.g. http://testphp.vulnweb.com)
-d , --depth Depth web page to crawl. Default: 2
-pl , --payload-level
Level for payload Generator, 7 for custom payload. {1...6}. Default: 6
-p , --payload Load custom payload directly (e.g. <script>alert(2005)</script>)
-m , --method Method setting(s):
0: GET
1: POST
2: GET and POST (default)
--user-agent Request user agent (e.g. Chrome/2.1.1/...)
-s , --single Single scan. No crawling just one address
--proxy Set proxy (e.g. {'https':'https://10.10.1.10:1080'})
-a, --about Print information about `Charon XSSCAN` tool
-c , --cookie Set cookie (e.g {'ID':'1094200543'})
- Crawling all links on a website ( Crawler Engine )
- POST and GET forms are supported
- Many settings that can be customized
- Advanced error handling
- Very High Speed
bitcoin: bc1ql4syps7qpa3djqrxwht3g66tldyh4j7qsyjkq0
If you are facing a configuration issue or something is not working as you expected to be, please use the Ch4120ni@Gmail.com/Charon.Sec.Group@Gmail.com
Usage of
Charon XSS Scannerfor attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.