Skip to content

Features

  • Comprehensive Scanning: Tests URL parameters, POST parameters, headers, and DOM content for XSS vulnerabilities.
  • Multiple Browser Support: Compatible with both Firefox and Chrome for testing.
  • Headless Mode: Option to run scans in headless browser mode for faster & traditional execution.
  • Concurrent Scanning: Utilises multi-threading for efficient scanning of multiple targets.
  • Customizable: Supports custom headers, cookies, and payload files.
  • Crawling Capability: Can crawl websites to discover and test additional pages.
  • Detailed Reporting: Provides comprehensive output with color-coded console logs and optional file output.
  • DOM XSS Detection: Advanced detection of DOM-based XSS vulnerabilities.
  • Payload Customization: Automatically customises payloads with unique identifiers for accurate detection.

Key Capabilities

  • URL parameter testing
  • POST parameter analysis
  • Header scanning
  • DOM content examination
  • External script analysis
  • Crawling targets and depth control
  • Custom payload support
  • Accurate detection

Link: https://github.com/Stuub/Helios

Latest