search

Asperis-Security / xssFuzz

🚀 XSSFUZZ - A tool for detecting XSS vulnerabilities in web applications.
https://www.asperis.es/
GNU General Public License v3.0
53 stars 9 forks source link

[-] Some Error Happened #2

Open vveezy opened 3 days ago

vveezy commented 3 days ago

Traceback (most recent call last): , line 417, in initialTest(val.url,val.headers) , line 372, in initialTest out = check_csp_vulnerabilities(response.headers['Content-Security-Policy']) ^^^^^^^^^^^^^^^^ AttributeError: 'NoneType' object has no attribute 'headers'

saikumar9121 commented 1 day ago

Same hear any solution you got

carlos-asperis commented 1 day ago

Thanks to both for reporting this issue. Could you please provide more details about the command you're using to run the tool? This information will help us debug the problem internally.

vveezy commented 23 hours ago

it worked after the super user install but the results was negative python xssFuzz.py -u http://testphp.vulnweb.com/listproducts.php?cat=FUZZ

 _  _ ____ ____ ____ _  _ ___  ___                                                                                                                     
  \/  [__  [__  |___ |  |   /    /                                                                                                                     
 _/\_ ___] ___] |    |__|  /__  /__                                                                                                                    
  # xssFuzzer by Asperis Security

[+] Checking CSP [+] CSP Headers seems to be not present [+] http://testphp.vulnweb.com/listproducts.php?cat=FUZZ scan initiated [+] Testing Parameters:['cat'] [+] Parameter cat not handling dangerous characters properly! [+] Filtering out the events now! [+] Filtering out the payloads now! [+] Loaded 0 Payloads [+] Testing The Payloads
[-] No Valid Payloads Found