Introduction
Traxss is a framework for running automated XSS vulnerability scans against webpages and URLs. The framework currently has more than five hundred payloads that can be deployed during a vulnerability scan. It is written in Python3 and, apart from having multiple payloads, it also offers a number of test options. This makes Traxss a very efficient and dependable vulnerability scanner.
Traxss: Automated XSS Vulnerability Scanner
With multiple payloads available, Traxss makes XSS vulnerability scanning very simple. After being launched it performs vulnerability test scans at a relatively high speed. When performing a full scan using HTML, the framework deploys its query scan technique. In addition, it also puts 575+ payloads to use; therefore, XSS vulnerabilities that may affect the URL will be exposed after several parameters have been successfully passed through the suspected URL.
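The idea of passing test values through each URL parameter and watching how the page reflects them can be checked on your own application with a harmless canary. The sketch below is an added example, not code from Traxss; the canary string, the function names, the sample URL and the `fake_fetch` stand-in for a real HTTP request are all assumptions made for illustration.

```python
import html
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Harmless canary (assumption): carries characters that HTML output encoding
# must escape (" < >) but no script, so a hit shows missing encoding only.
CANARY = 'trx"<i>7f3a'


def probe_urls(url, canary=CANARY):
    """Yield (param, test_url), replacing one query parameter at a time."""
    parts = urlsplit(url)
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    for i, (name, _) in enumerate(pairs):
        mutated = pairs[:i] + [(name, canary)] + pairs[i + 1:]
        yield name, urlunsplit(parts._replace(query=urlencode(mutated)))


def classify_reflection(body, canary=CANARY):
    """Return 'raw', 'escaped' or 'absent' for the canary in a response body."""
    if canary in body:
        return "raw"  # metacharacters survived: output encoding is missing
    if html.escape(canary, quote=True) in body:
        return "escaped"  # reflected, but HTML-encoded on output
    return "absent"


def scan(url, fetch):
    """Map each query parameter to how the application reflects it."""
    return {name: classify_reflection(fetch(test_url))
            for name, test_url in probe_urls(url)}


def fake_fetch(url):
    """Constructed stand-in for an HTTP GET against an application you own."""
    params = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    return (
        "<html><body>"
        f"<p>Results for {params.get('q', '')}</p>"  # reflected raw
        f"<p>Language: {html.escape(params.get('lang', ''))}</p>"  # escaped
        "</body></html>"
    )


if __name__ == "__main__":
    # Constructed URL; 'page' is never rendered by fake_fetch.
    print(scan("https://app.example.test/search?q=shoes&lang=en&page=2", fake_fetch))
```

A "raw" result marks a parameter whose output needs HTML encoding in the template; it covers the HTML body context only, so values reflected into attributes or inline scripts need context-specific encoding checks of their own.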
How Traxss Works?
Features:
- 575+ Payloads
- XSS vulnerability scan automation
- Robust vulnerability testing
- Multiple vulnerability test options
Prerequisites:
In order to run Traxss you must have Chromedriver installed on your device. OS X users can install it with the Homebrew command below:
$ brew install --cask chromedriver
Install
Install all requirements using pip3:
$ pip3 install -r requirements.txt
To build via Docker, run:
$ docker build -t xshuden/traxss .
Docker run:
$ docker run --rm -it xshuden/traxss
Traxss Usage
To launch Traxss run:
$ python3 traxss.py
An interactive CLI will open, and you can follow the instructions in its guide to complete the whole procedure.