search

NetSPI / xssValidator

This is a burp intruder extender that is designed for automation and validation of XSS vulnerabilities.
nVisium.com
MIT License
409 stars 157 forks source link

xss.js should work with SlimerJS #11

Open laurentj opened 9 years ago

laurentj commented 9 years ago

There are two scripts, xss.js and slimer.js and they are similar.

They should be identical since SlimerJS is theorically almost 100% compatible with PhantomJS. At least, what xss.js does should work with SlimerJS.

If something does not work with SlimerJS, please fill issues on project github.com/laurentj/slimerjs.

There is at least some few things to fix:

This deprecate way 

wp = new WebPage();

should be replaced by

wp = require("webpage").create();

And also many variables are not declared with the var keyword (this may cause warnings in verbose mode).

forced-request commented 9 years ago

Hi @laurentj,

Thanks for the feedback. Ideally we would just leverage a single script, but when we built the slimer functionality originally there were a few functions we were getting held up with.

I'll modify the slimer script to use the non-derecated version of the webpage creation, and properly define JS variables, then see where we're at.

forced-request commented 9 years ago

It looks like once this issue is resolved, they will be compatible: https://github.com/laurentj/slimerjs/issues/284