xspear - Trickest Platform Documentation

Details

Category: Vulnerabilities

Publisher: trickest

Created Date: 9/7/2021

Container: quay.io/trickest/xspear:1.4.1

Source URL: https://github.com/hahwul/XSpear

Parameters

param

string

Command: --param - Test paramters

string

Command: --cookie - Add Cookie

no-xss

boolean

Command: --no-xss - Don't test XSS, only parameters analysis

headers

string

Command: --headers - Add HTTP Headers

raw-ssl

boolean

Command: --raw-ssl - http/https switch for burp raw file

threads

string

Command: --threads - Threads , default: 10

post-data

string

Command: --data - POST Method Body data

target-url

string

required

Command: --url - Target Url

config-file

file

Command: --config - Use config file

blind-vector

string

Command: -b - Add vector of Blind XSS. With XSS Hunter, ezXSS, HBXSS... e.g: https://hahwul.xss.ht

burp-raw-file

file

Command: --raw - Load raw file(e.g raw_sample.txt)

output-format

string

Command: --output - Output format (cli , json, html)

verbose-level

string

Command: --verbose - Show log depth. 0: quite mode(only result) 1: show scanning status(default) 2: show scanning logs 3: show detail log(req/res)

test-all-params

boolean

Command: --test-all-params - Test to all params(include not reflected)

custom-payload-json-file

file

Command: --custom-payload - Load custom payload json file

Library

Details

Parameters