Here is an updated version with more XSS patterns integrated into it. As well as some clean up!
I also created a separate .lua with just the http crawler function. On Friday, January 24th, 2025 at 4:29 PM, astrotoki <astrot...@pm.me> wrote: > Hello!, > > I just started learning Lua for writing NSEs and had a go at a HTTP crawler > that identifies XSS vulnerabilities on sites. I used Juice-Shop OWASP to > confirm it works. (Thats why the source code uses port 3000 in addition to > 80) Id love feedback! Doing my best to learn as much as I can. I attached the > http_xss_crawler.nse below! > > PS. I had used ChatGPTo1 and Github CoPilot to aid in debugging and syntax > issues. The overall code is my own, but I needed help haha > > Ryan "Astro" LaPierre
http_xss_crawl.nse
Description: Binary data
http_crawler.lua
Description: Binary data
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at https://seclists.org/nmap-dev/
