From 869fc17ecf9c7ad5782a8a68af209c3db4974059 Mon Sep 17 00:00:00 2001
From: Sathyaprakash Sahoo <62632966+Encryptor-Sec@users.noreply.github.com>
Date: Fri, 4 Feb 2022 16:09:29 +0530
Subject: [PATCH] Update README.md
---
README.md | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 88 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 6a0ebc6..35d9e56 100644
--- a/README.md
+++ b/README.md
@@ -17,8 +17,94 @@
***
-#### DISCLAIMER :
+>#### DISCLAIMER :
The XSSearch developer will not be held liable if the tool is used with harmful or criminal intent. Please use at your own risk. :)
-***
+****
+>#### USES OF WEB SCRAPER :
+- XSSearch can be used to discover reflected Cross Site Scripting (XSS) vulnerabilities
+- XSSearch is capable of validating XSS payloads.
+- XSSearch will facilitate in the automation of brute - force attack for the verification of reflected XSS.
+- Works on all Linux environment
+- This can also be used in penetration testing to evaluate sanitization strength.
+***
+>#### FEATURES :
+- Contains more than 3000 payloads for XSS validation
+- Works on selenium framework & ChromeDriver
+- It is faster than other XSS tools since the code is very light and rapid.
+- The code and payloads can be modified according to the situation.
+***
+>#### SETUP & INSTALLATION
+XSSearch requires Selenium, ChromeDriver and Python to work smoothly on your system.
+
+**Installing Selenium**
+```
+$ sudo apt update
+$ pip3 install selenium
+```
+**Installing Chrome Browser for Linux (Skip this if you already have Chrome browser on your Linux)**
+````
+$ wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
+$ sudo apt install ./google-chrome-stable_current_amd64.deb
+````
+**You may use the command to start Chrome from your terminal.**
+```
+$ google-chrome --no-sandbox
+```
+**Downloading ChromeDriver**
+
+Go to https://chromedriver.chromium.org/downloads and get the linux 64 zipped version of ChromeDriver 80.0.3987.106.
+
+Unzip the zip file. There will be a file for ChromeDriver. Open terminal on the same location and use the following command.
+````
+$ sudo chmod +x chromedriver
+$ sudo mv -f chromedriver /usr/bin/chromedriver
+````
+***
+>#### USAGE
+XSSearch is a command line tool that uses a single command line instruction for simple and speedy execution.
+**Note** : This tool will only work on url which has a input paramter in the url. Example : www[.]target[.]com/?xyz=
+```
+$ python3 xssearch.py -u url.com/?s={xss} -p payloads.txt
+```
+**Arguments :**
+**-u** : It is required for URL input
+**-p** : It is required for Payload file input
+**{xss}** : It is a placeholder that the user should append after an equal to sign (=) in the url argument.
+
+**Live Usage**
+````
+$ python3 xssearch.py -u https://ac121f0e1eb31ae5c0c9473f00f400f7.web-security-academy.net/?search={xss} -p payloads.txt
+````
+
+
+
+
+Above is the screenshot of the tool with live example.
+_Valid XSS exploits are marked with red alerts.
+Invalid XSS exploits are marked with blue alerts._
+
+**Errors & Warnings**
+The following are some errors that might arise as a result of an incomplete command, not specifying arguments or not specifying placeholders.
+
+Use the below command to get help
+````
+$ python3 xssearch.py -h
+````
+
+
+
+
+***
+#### LICENSE
+[MIT-License](LICENSE)
+***
+#### More suggestions and contributions are highly appreciated to make this tool better :)
+### _STAY SAFE, ACT SMART_
+### Hit Me Up
+[](https://twitter.com/_encryptor_)
+[](https://www.instagram.com/xhackerboyy)
+[](https://www.linkedin.com/in/sathyaprakashsahoo)
+[](https://www.cyberbuddy.co.in)
+