{"id":1987,"date":"2018-08-02T08:23:51","date_gmt":"2018-08-02T08:23:51","guid":{"rendered":"http:\/\/tetsuo.edge-themes.com\/?page_id=669"},"modified":"2025-01-14T18:46:02","modified_gmt":"2025-01-14T18:46:02","slug":"faq-page","status":"publish","type":"page","link":"https:\/\/knoxss.pro\/?page_id=1987","title":{"rendered":"FAQ Page"},"content":{"rendered":"

[vc_row parallax_background_image=\"682\"][vc_column]

\n\t
\n\t\t
\n\t\t\t[vc_column_text]<\/p>\n

FREQUENTLY ASKED QUESTIONS<\/h1>\n

[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row row_content_width=\"grid\" css=\".vc_custom_1533806533670{padding-top: 115px !important;}\"][vc_column width=\"2\/3\"]

\n\t
\n\t\t
\n\t\t\t[vc_column_text]What KNOXSS does?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]KNOXSS finds source-based and DOM-based reflected and stored XSS in vulnerable pages using components of URL (path and query parameters) as entry points and form fields (this last one automatically with browser add-on). To see all XSS cases KNOXSS is able to spot check our XSS Coverage<\/a>.<\/strong>[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[vc_row_inner css=\".vc_custom_1533626707125{padding-top: 44px !important;}\" el_id=\"policies\" el_class=\"edgtf-anchor\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]How to use KNOXSS?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]The basic usage is just copy + paste the target URL in the main field of the web interface (at \/pro). That's for unauthenticated GET requests, most scenarios out there. For POST requests, there's the need to provide the action URL in the main field and the POST body (pairs of name=value separated by a & sign) in the left box after clicking in the \"Extra Data\" button. For authenticated requests, there's a right box after clicking in \"Extra Data\" to provide pairs of HTTP headers (usually cookies) in the format header:value, one per line.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626707125{padding-top: 44px !important;}\" el_class=\"edgtf-anchor\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]What KNOXSS doesn't do (yet)<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]KNOXSS has no advanced DOM-based testing and discovering capabilities although it can detect and exploit some common DOM-based cases (see our\u00a0XSS Coverage<\/strong><\/a> for those). Current state of browser add-on also can't pass through authentication methods not based solely in cookies although web interface allows user to inform any authentication header before sending the requests. KNOXSS also can't test a target if its IP address is blacklisted. It also can't submit JSON requests, so Stored XSS based on that are not covered by the tool (reflected type is hardly automated).[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626716591{padding-top: 44px !important;}\" el_id=\"procedures\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]How KNOXSS works?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]It takes the target and all associated data provided and check if there's a reflection in all URL or POST body parameters along with URL path (for friendly URLs). If it finds some reflection somewhere, in response or associated JS calls, it will take some decisions on what type of injection it will use (HTML or JS injection). Finally it will try several specific XSS vectors in order to pop an alert box to prove the vulnerability.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626716591{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]Is KNOXSS better than other free XSS tools?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Definitely. You can check how KNOXSS compares to main free XSS tools here<\/strong><\/a>.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626707125{padding-top: 44px !important;}\" el_class=\"edgtf-anchor\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]How to Properly Test in TestPHP VulnWeb?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]In the web interface you need to use the action URL https:\/\/testphp.vulnweb.com\/search.php as the Target URL then click in Extra Data button to open the additional fields. In the left box, provide the POST variables searchFor=any&goButton=go and hit the ok button. After that you can hit the test button. For the API there's a section in the API Guidelines showing the same example with the API syntax.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626707125{padding-top: 44px !important;}\" el_class=\"edgtf-anchor\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]How to Manage my Subscription?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]In the left bar of the user dashboard there's a \"Manage my Subscription\" white link, click on it.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533626738718{padding-top: 44px !important;}\" el_id=\"payment\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]How KNOXSS browser add-on (legacy) works?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]KNOXSS browser add-on is an automated way to send to KNOXSS online service every page in a chosen domain and all its subdomains while user navigate through a website. Just a click is needed to activate it for *.domain and it must be disabled and enabled again to change domains. If a XSS is found, it will pop up the same window as the main web interface does and it will be deactivated with red XSS state, to prevent recursive testing (test the PoC window itself). KNOXSS add-on also gets and send all forms on page for KNOXSS testing as well as cookies. IMPORTANT: it's provided only as LEGACY SOFTWARE and it's no longer maintained but it still works in old Chrome-based browsers and especially in current Firefox ESR branch.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646916832{padding-top: 44px !important;}\" el_id=\"efficient\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]Can KNOXSS be used with any browser?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Yes, although we recommend latest versions of Chromium-based ones like Chromium, Google Chrome, Brave, Opera and Vivaldi.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\" el_id=\"branding\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]Is KNOXSS accurate?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Absolutely. KNOXSS is (almost) false positive free: it will only pop the window with PoC (Proof of Concept) if its engine validates it. By using WebKit, Blink and Gecko (engines used by all major browsers) in the backend, it guarantees that there will be no false positive. False negative is a way harder, so if KNOXSS doesn't find the XSS (although it may find the reflection) it doesn't mean it's not exploitable.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]Is KNOXSS able to bypass application filters and WAFs (Web Application Firewalls)?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Yes. KNOXSS employs some tricks to bypass them mostly in pure Javascript injections (no HTML), multi reflection and DOM-based scenarios. It can also craft a specific bypass for a given target using AFB feature.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]What is the CheckPoC feature?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]The CheckPoC switch in the Web UI allows a feature where you can use KNOXSS to validate a current PoC you already have. Just give KNOXSS the URL with the payload that pops the alert box and it will pop it for you validating it. You must provide alert(), prompt or confirm() functions with the number 1 like alert(1) or with the letter 'k' like alert('k'). It's useful to check a False Negative (when KNOXSS can't detect a valid XSS) so we can track and fix the issue within the code or payload. It can also be used to test bypasses in a automated fashion with the use of the API by just build a list containing the same URL with different payloads (check the API Guidelines<\/a><\/strong>).[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]What is Flash Mode and how to use it?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Flash Mode is an operation mode in which KNOXSS tries an unique XSS vector without performing any previous steps to find an evidence of a vulnerability first. It improves speed a lot and can spot most common XSS Cases<\/a> found out there including DOM-based ones.<\/p>\n

To use Flash Mode just use a [XSS] mark where you want KNOXSS to try its XSS Polyglot<\/a>.<\/p>\n

Usage examples:<\/p>\n

 <\/p>\n

HTTP GET Method<\/p>\n

Target Page: https:\/\/brutelogic.com.br\/gym.php?p05=[XSS]<\/p>\n

 <\/p>\n

HTTP POST Method<\/p>\n

Target Page: https:\/\/brutelogic.com.br\/gym.php
\nPOST Body: p05=[XSS][\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]

\n\t
\n\t\t
\n\t\t\t[vc_column_text]How can I test other parameters when KNOXSS stops before testing them because of the XSS PoC (popup)?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Just change the order of the parameters in URL or in POST body, placing the vulnerable one (the one responsible for the popup) in the end. Example below.<\/p>\n

 <\/p>\n

The \"a\" parameter is vulnerable:<\/p>\n

?a=aaa<\/strong>&b=bbb&c=ccc&d=ddd<\/p>\n

Then, rearranging:<\/p>\n

?b=bbb&c=ccc&d=ddd&a=aaa<\/strong>[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]

\n\t
\n\t\t
\n\t\t\t[vc_column_text]Does KNOXSS have technical support?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Yes, there's an X (former Twitter) account @KN0X55<\/strong><\/a> to get help with its usage, technical issues and feedback.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]Can KNOXSS really help me to find XSS bugs in bug bounty programs?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Yes, it can. It was developed with this in mind too. But KNOXSS needs to be used as part of a more extensive strategy, to not get depended on luck. An workflow of other useful recon tools to define the attack surface, choose the best servers to try on and sort the best URLs to submit to test is the best way to go.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533646740973{padding-top: 44px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]What is KNOXSS API and how to use it?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Please check the answer here<\/a><\/strong>.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][vc_row_inner css=\".vc_custom_1533806542152{padding-top: 44px !important;padding-bottom: 130px !important;}\"][vc_column_inner]
\n\t
\n\t\t
\n\t\t\t[vc_column_text]May I submit a question to this FAQ?<\/strong>[\/vc_column_text][vc_empty_space height=\"18px\"][vc_column_text]Sure, just contact us in Twitter @KN0X55<\/a><\/strong>\u00a0or drop us an email to brutelogic [at] null [dot] net.[\/vc_column_text]\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"

[vc_row parallax_background_image=”682″][vc_column][\/vc_column][\/vc_row][vc_row row_content_width=”grid” css=”.vc_custom_1533806533670{padding-top: 115px !important;}”][vc_column width=”2\/3″][vc_row_inner css=”.vc_custom_1533626707125{padding-top: 44px !important;}” el_id=”policies” el_class=”edgtf-anchor”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626707125{padding-top: 44px !important;}” el_class=”edgtf-anchor”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626716591{padding-top: 44px !important;}” el_id=”procedures”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626716591{padding-top: 44px !important;}”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626707125{padding-top: 44px !important;}” el_class=”edgtf-anchor”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626707125{padding-top: 44px !important;}” el_class=”edgtf-anchor”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533626738718{padding-top: 44px !important;}” el_id=”payment”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533646916832{padding-top: 44px !important;}” el_id=”efficient”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533646740973{padding-top: 44px !important;}” el_id=”branding”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533646740973{padding-top: 44px !important;}”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533646740973{padding-top: 44px !important;}”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner css=”.vc_custom_1533646740973{padding-top: 44px !important;}”][vc_column_inner][\/vc_column_inner][\/vc_row_inner][vc_row_inner […]<\/p>\n","protected":false},"author":1,"featured_media":2277,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"full-width.php","meta":{"footnotes":""},"class_list":["post-1987","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1987","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1987"}],"version-history":[{"count":60,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1987\/revisions"}],"predecessor-version":[{"id":3681,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1987\/revisions\/3681"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/media\/2277"}],"wp:attachment":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1987"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}