faizann24 / XssPy

XssPy - Web Application XSS Scanner
http://www.fsecurify.com
MIT License
835 stars 230 forks

By default HTTPS links are not tested. #5

Closed axi0m closed 7 years ago

axi0m commented 8 years ago

On line 63: `url = "http://www." + str(url)`. The URL variable is assigned just an HTTP locator to prefix the website. For a website I tested I simply added the "s" to it but may want to add a command line argument for --tls or something so that https links can be used. Better yet could add a quick GET request to the site for HTTP and if status code isn't a 302 or a 200 then attempt to do HTTPS? Not sure but thought I'd mention it anyway. If you're recursively going through all the subdomains then the time it would take to check for both HTTP and HTTPS sites would be a lot of overhead. Just my two cents.

Thanks for the work, very cool!

faizann24 commented 8 years ago

Hi axi0m, That's a great opinion. I would look into it.

I actually tried doing it when I made it but ended up without it because it was working fine with a lot of https websites as they were automatically redirected to http.

But that thing about redirection, I'll look into it.

Many thanks for the suggestion.

Best Regards.

axi0m commented 8 years ago

You're totally right though faizann, I forgot my site doesn't have the HTTP to HTTPS redirector in Nginx conf that it needs, totally forgot about it. Still may be useful to have logic to toggle HTTP and HTTPS lookups but probably isn't needed for PROD sites that are deployed in real organizations (instead of my personal blog. Lol)
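
The scheme selection discussed in this thread, as an added example that is not XssPy's own code and not written by either commenter: probe HTTP first, fall back to HTTPS when the status is not 200 or 302, and cache the result per host so a subdomain crawl pays the probe cost once. It assumes Python 3's standard library; `pick_base_url`, `http_status` and the `cache` dict are hypothetical names, and `--tls` is the flag name floated in the issue.

```python
import argparse
import urllib.error
import urllib.request

ACCEPTED = {200, 302}  # the two status codes named in the issue


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Surface 3xx responses instead of silently following them."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def http_status(url, timeout=5):
    """Return the status code for a GET of url, or None if unreachable."""
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:  # includes the unfollowed 302
        return err.code
    except (urllib.error.URLError, OSError):  # DNS, refused, TLS, timeout
        return None


def pick_base_url(host, force_tls=False, probe=http_status, cache=None):
    """Choose http:// or https:// for host, probing each host only once."""
    cache = {} if cache is None else cache
    if host in cache:
        return cache[host]
    schemes = ["https"] if force_tls else ["http", "https"]
    chosen = None
    for scheme in schemes:
        candidate = f"{scheme}://www.{host}"
        # With force_tls the operator has decided, so no probe is sent.
        if force_tls or probe(candidate) in ACCEPTED:
            chosen = candidate
            break
    cache[host] = chosen  # None is cached too: neither scheme answered
    return chosen


if __name__ == "__main__":
    parser = argparse.ArgumentParser()
    parser.add_argument("host")
    parser.add_argument("--tls", action="store_true")
    args = parser.parse_args()
    print(pick_base_url(args.host, force_tls=args.tls))
```

Passing one shared `cache` dict across a crawl keeps the extra cost to at most two requests per distinct host, which addresses the overhead concern raised above.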