XSpear

Powerful XSS scanning and parameter analysis tool and gem.

Features:
- Pattern matching based XSS scanning
- Detect alert, confirm and prompt events in a headless browser
- Testing request/response for XSS protection bypass and reflected (or all) params
- Testing Blind XSS
- Dynamic/Static Analysis
- Scanning from Raw file
- Run XSpear from Ruby code
- Show table-based CLI report, filtered rules and the tested raw query
- Testing at selected parameters
- Support output formats: cli, json, html
- Support verbose levels (0~3)
- Support custom callback code to test various attack vectors
- Support config file