Ch4120N - Ch4120N@Proton.me
Finding XSS Vulnerabilities In WebSites By Crawling.
Python3
pip install -r requirements.txt
git clone https://github.com/Ch4120N/Charon-XSS-Scanner
chmod 755 -R Charon-XSS-Scanner
cd Charon-XSS-Scanner
python -m pip install -r requirements.txt
python chxsscan.pyusage: Chxsscan --url <target> [options]
Options:
-h, --help Show usage and help parameters
-u , --url Target url (e.g. http://testphp.vulnweb.com)
-d , --depth Depth web page to crawl. Default: 2
-pl , --payload-level
Level for payload Generator, 7 for custom payload. {1...6}. Default: 6
-p , --payload Load custom payload directly (e.g. <script>alert(2005)</script>)
-m , --method Method setting(s):
0: GET
1: POST
2: GET and POST (default)
--user-agent Request user agent (e.g. Chrome/2.1.1/...)
-s , --single Single scan. No crawling just one address
--proxy Set proxy (e.g. {'https':'https://10.10.1.10:1080'})
-a, --about Print information about `Charon XSSCAN` tool
-c , --cookie Set cookie (e.g {'ID':'1094200543'})
- Crawling all links on a website ( Crawler Engine )
- POST and GET forms are supported
- Many settings that can be customized
- Advanced error handling
- Very High Speed
If you find this tool useful, consider donating:
| Cryptocurrency | Address |
|---|---|
| BTC | bc1ql4syps7qpa3djqrxwht3g66tldyh4j7qsyjkq0 |
| ETH | 0xfddbd535a4ad28792cbebceee3d6982d774e6d13 |
| USDT | 3Cq6HRQsiwZFmPEQfG9eJkZE2QGChvf2VN |
💖 Your support helps keep the project alive and improving!
If you encounter bugs, configuration issues, or unexpected behavior, please reach out: 📩 Ch4120N@Proton.me
Usage of
Charon XSS Scannerfor attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
⭐ If you like this project, don’t forget to give it a star!