Name:xspear
Category:Vulnerabilities
Publisher:trickest
Created:9/7/2021
Container:quay.io/trickest/xspear:1.4.1
Output Type:
License:Unknown

Parameters

param
string
--paramTest paramters
cookie
string
--cookieAdd Cookie
no-xss
boolean
--no-xssDon't test XSS, only parameters analysis
headers
string
--headersAdd HTTP Headers
raw-ssl
boolean
--raw-sslhttp/https switch for burp raw file
threads
string
--threadsThreads , default: 10
post-data
string
--dataPOST Method Body data
target-url
string
required
--urlTarget Url
config-file
file
--configUse config file
blind-vector
string
-bAdd vector of Blind XSS. With XSS Hunter, ezXSS, HBXSS... e.g: https://hahwul.xss.ht
burp-raw-file
file
--rawLoad raw file(e.g raw_sample.txt)
output-format
string
--outputOutput format (cli , json, html)
verbose-level
string
--verboseShow log depth. 0: quite mode(only result) 1: show scanning status(default) 2: show scanning logs 3: show detail log(req/res)
test-all-params
boolean
--test-all-paramsTest to all params(include not reflected)
custom-payload-json-file
file
--custom-payloadLoad custom payload json file