Share
## https://sploitus.com/exploit?id=38BEB051-506C-56C9-A319-DEB0F87C316A
# XSS_Vulnerability_scanner

**Features:**
- Tests multiple XSS types: basic, encoded, attribute-based, DOM-based, and filter bypass
- Scans all query parameters in each URL
- Detects reflected XSS by checking if payloads appear in responses
- Clean, organized output in both JSON and text formats
- Progress tracking during scans

**Usage:**
```bash
node xss_scanner.js xss.txt xss_results.json
```

**Output:**
- `xss_results.json` - Detailed JSON report with all findings
- `xss_results.txt` - Clean, readable text report

**The scanner tests:**
- Basic XSS vectors (script tags, event handlers)
- Encoded payloads (URL encoding, HTML entities)
- Attribute-based injections
- DOM-based XSS
- Filter bypass techniques

**Report includes:**
- URL where vulnerability was found
- Exact payload that triggered it
- XSS type (basic, encoded, etc.)
- Test URL used

The results are clean and organized, perfect for bug bounty reporting. Just make sure your `xss.txt` file has one URL per line!