rexsser

This is a burp plugin (python) that extracts keywords from response using regexes and test for reflected XSS on the target scope. Valid parameters reflected, vulnerable parameters are show in results in the rexsser extension tab.

Regexes

extract all javascript 'var' names from response page
...

Screenshots

Requirements

Jython
BurpSuite

Todo

Add Multiple regexes to extract words (Example: input elements in the page response)
Content-Type filter
Scope checkbox
Process only given status-codes
Turn off/on

About

This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.

Languages

Language:Python 100.0%