{"id":1990,"date":"2018-08-03T09:23:32","date_gmt":"2018-08-03T09:23:32","guid":{"rendered":"http:\/\/tetsuo.edge-themes.com\/?page_id=842"},"modified":"2025-02-10T17:01:46","modified_gmt":"2025-02-10T17:01:46","slug":"main-home","status":"publish","type":"page","link":"https:\/\/knoxss.pro\/","title":{"rendered":"Main"},"content":{"rendered":"<p>[vc_row][vc_column][rev_slider_vc alias=\"landing\" enable_paspartu=\"no\"][\/vc_column][\/vc_row][vc_row][vc_column css=\".vc_custom_1739194743598{margin-top: -8% !important;}\"][vc_wp_text]<\/p>\n<p><center><div style=\"width: 1300px;\" class=\"wp-video\"><video class=\"wp-video-shortcode\" id=\"video-1990-1\" width=\"1300\" height=\"731\" loop autoplay preload=\"metadata\" controls=\"controls\"><source type=\"video\/mp4\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2025\/02\/KNOXSS-Scan.mp4?_=1\" \/><a href=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2025\/02\/KNOXSS-Scan.mp4\">https:\/\/knoxss.pro\/wp-content\/uploads\/2025\/02\/KNOXSS-Scan.mp4<\/a><\/video><\/div>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p><\/center>[\/vc_wp_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"150px\"][\/vc_column][\/vc_row][vc_row row_vertical_text=\"FEATURES\" row_vertical_text_holder_left_offset=\"5%\" css=\".vc_custom_1618253108134{padding-bottom: 5px !important;}\"][vc_column offset=\"vc_col-lg-6 vc_col-md-12\"]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-6232\" data-1367-1600=\"95px 0 0 15%\" data-1025-1366=\"90px 0 0 15%\" data-769-1024=\"0 7%\" data-681-768=\"0 6%\" data-680=\"0 6%\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-6232\" style=\"padding: 43px 0 0 16%\">\n\t\t\t<div class=\"edgtf-charts\"  data-type=\"radar\" data-skin=\"light\" data-no_of_used_datasets=\"2\" 
data-dataset_1=\"32,29,31,28,30\" data-dataset_2=\"28,28,27,29,28\" data-point_group_labels=\"Confidence,Depth,Coverage,Speed,Reliability\" data-point_group_colors=\"\" data-dataset_1_label=\"KNOXSS\" data-dataset_1_color=\"rgba(35,178,173,0.51)\" data-dataset_2_label=\"Other Tools\" data-dataset_2_color=\"rgba(254,87,20,0.51)\" data-color_scheme=\"dataset\" data-legend_position=\"right\"><canvas id=\"edgtf-charts-canvas-2130923130\"><\/canvas><\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][vc_column offset=\"vc_col-lg-6 vc_col-md-12\"]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-7641\" data-1367-1600=\"0 19% 0 9%\" data-1025-1366=\"0 16% 0 7%\" data-769-1024=\"12% 24% 0 24%\" data-681-768=\"10% 18% 0 18%\" data-680=\"25% 8% 0 8%\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-7641\" style=\"padding: 0 30% 0 11%\">\n\t\t\t<div class=\"edgtf-section-title-holder  edgtf-st-standard edgtf-st-title-left edgtf-st-normal-space \" >\n\t<div class=\"edgtf-st-inner\">\n\t\t\t\t\t<h1 class=\"edgtf-st-title\" >\n\t\t\t\tCONFIDENCE BY DESIGN\t\t\t<\/h1>\n\t\t                    <div class=\"edgtf-separator-holder clearfix  edgtf-separator-left edgtf-separator-normal\">\t<div class=\"edgtf-separator\" style=\"border-color: #ffffff;border-style: solid;width: 80px;border-bottom-width: 7px;margin: 24px 0 10px 0px\"><\/div><\/div>        \t\t\t\t\t<span class=\"edgtf-st-text\" >\n\t\t\t\tKNOXSS has a high level of confidence by design. It has almost zero false positive rate (since it has to pop the alert box to prove vulnerability) and low false negative rate regarding its XSS coverage. 
Its extensive list of covered XSS cases also makes it the best option out there for this kind of vulnerability.\t\t\t<\/span>\n\t\t\t<\/div>\n<\/div>[vc_empty_space height=\"45px\"][vc_raw_html]JTNDYSUyMGhyZWYlM0QlMjJodHRwJTNBJTJGJTJGa25veHNzLnBybyUyRiUzRnBhZ2VfaWQlM0QzMzA4JTIyJTNFJTNDYiUzRUNsaWNrJTIwdG8lMjBzZWUlMjBob3clMjBLTk9YU1MlMjBjb21wYXJlcyUyMHRvJTIwdG9wJTIwZnJlZSUyMFhTUyUyMHRvb2xzLiUzQyUyRmIlM0UlM0MlMkZhJTNF[\/vc_raw_html][vc_empty_space height=\"45px\"]<a itemprop=\"url\" href=\"https:\/\/knoxss.pro\/?page_id=1974\" target=\"_self\"  class=\"edgtf-btn edgtf-btn-medium edgtf-btn-outline\"  >\n                <span class=\"edgtf-btn-overlay\"><\/span>\n                <span class=\"edgtf-btn-text\">SIGN UP<\/span>\n            <\/a>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-text-marquee edgtf-tm-7069\" style=\"color: rgba(255,255,255,0.04);font-size: 340px;font-weight: 700\" data-item-class=\"edgtf-tm-7069\" data-font-size-1024=\"300px\" data-font-size-768=\"300px\" data-font-size-680=\"180px\" data-line-height-1024=\"300px\" data-line-height-768=\"300px\" data-line-height-680=\"180px\">\n\t<span class=\"edgtf-marquee-element edgtf-original-text\">KNOXSS RULES_<\/span>\n\t<span class=\"edgtf-marquee-element edgtf-aux-text\">KNOXSS RULES_<\/span>\n<\/div>  [\/vc_column][\/vc_row][vc_row row_content_width=\"grid\" content_text_aligment=\"center\" css=\".vc_custom_1618263959973{padding-bottom: 5px !important;}\"][vc_column css=\".vc_custom_1618264155251{margin-top: -18% !important;}\"]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-4991\" data-769-1024=\"0 0 20px 0\" data-681-768=\"0 0 60px 0\" data-680=\"0 0 60px 0\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-4991\" >\n\t\t\t<div class=\"edgtf-section-title-holder  edgtf-st-standard 
edgtf-st-title-left edgtf-st-normal-space \" >\n\t<div class=\"edgtf-st-inner\">\n\t\t\t\t\t<h2 class=\"edgtf-st-title\" >\n\t\t\t\tGAME CHANGER_\t\t\t<\/h2>\n\t\t        \t\t\t\t\t<span class=\"edgtf-st-text\" >\n\t\t\t\tTest with the smartest JavaScript injections ever.\t\t\t<\/span>\n\t\t\t<\/div>\n<\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-3041\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-3041\" style=\"padding: 165px 0 0 0\">\n\t\t\t<div class=\"edgtf-scattered-images edgtf-si-left  edgtf-has-shadow edgtf-si-parallax-yes\">\n    \t<div class=\"edgtf-si-images-holder\">\n\t\t<div class=\"edgtf-si-hero-image-holder\" data-parallax=\"{&quot;y&quot;: -103, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-hero-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/KNOXSS-UI-2024-e1718665838311.jpg\" alt=\"KNOXSS-UI-2024\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-1\" data-parallax=\"{&quot;y&quot;: 56, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/KNOXSS-UI-2024-Popup.png\" alt=\"KNOXSS-UI-2024-Popup\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-2\" data-parallax=\"{&quot;y&quot;: -84, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" 
src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/loading-line.gif\" alt=\"loading-line\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t<\/div>\n            <div class=\"edgtf-si-text-content-holder\" data-parallax=\"{&quot;y&quot;: 56, &quot;smoothness&quot;: 20}\">\n            <div class=\"edgtf-si-title-holder\">\n                <h2 class=\"edgtf-si-title\">Superior Technology<\/h2>\n            <\/div>\n            <div class=\"edgtf-si-text-holder\">\n                <p class=\"edgtf-si-text\">KNOXSS detects and proves XSS flaws automatically with little to no effort of the user. Just feed KNOXSS with your target URL and it will pop an alert box if it&#039;s exploitable according to its dozens of XSS covered cases.<\/p>\n            <\/div>\n            <div class=\"edgtf-si-button-holder\" >\n                <div class=\"edgtf-si-button\"><a itemprop=\"url\" href=\"https:\/\/knoxss.pro\/?page_id=1974\" target=\"_self\"  class=\"edgtf-btn edgtf-btn-medium edgtf-btn-outline\"  >                <span class=\"edgtf-btn-overlay\"><\/span>                <span class=\"edgtf-btn-text\">SIGN UP<\/span>            <\/a><\/div>\n            <\/div>\n        <\/div>\n    <\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-9706\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-9706\" style=\"padding: 165px 0 0 0\">\n\t\t\t<div class=\"edgtf-scattered-images edgtf-si-left  edgtf-has-shadow edgtf-si-parallax-yes\">\n    \t<div class=\"edgtf-si-images-holder\">\n\t\t<div class=\"edgtf-si-hero-image-holder\" data-parallax=\"{&quot;y&quot;: -83, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-hero-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" 
src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/KNOXSS-bypass-testimony-e1707555060133.jpg\" alt=\"KNOXSS-bypass-testimony\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-1\" data-parallax=\"{&quot;y&quot;: 42, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2021\/04\/knoxss-community-ack-1.jpeg\" alt=\"knoxss-community-ack-1\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-2\" data-parallax=\"{&quot;y&quot;: -80, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/KNOXSS-12k-bounty-e1707554936622.jpg\" alt=\"KNOXSS-12k-bounty\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t<\/div>\n            <div class=\"edgtf-si-text-content-holder\" data-parallax=\"{&quot;y&quot;: 42, &quot;smoothness&quot;: 20}\">\n            <div class=\"edgtf-si-title-holder\">\n                <h2 class=\"edgtf-si-title\">Community Acknowledgement<\/h2>\n            <\/div>\n            <div class=\"edgtf-si-text-holder\">\n                <p class=\"edgtf-si-text\">KNOXSS is online for 8 years already and it&#039;s responsible for several success cases with thousands of PoCs. 
From bug hunters to penetration testers, KNOXSS was used by more than 18k users throughout this time.<\/p>\n            <\/div>\n            <div class=\"edgtf-si-button-holder\" >\n                <div class=\"edgtf-si-button\"><a itemprop=\"url\" href=\"https:\/\/knoxss.pro\/?page_id=1974\" target=\"_self\"  class=\"edgtf-btn edgtf-btn-medium edgtf-btn-outline\"  >                <span class=\"edgtf-btn-overlay\"><\/span>                <span class=\"edgtf-btn-text\">SIGN UP<\/span>            <\/a><\/div>\n            <\/div>\n        <\/div>\n    <\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-1838\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-1838\" style=\"padding: 167px 0 0 0\">\n\t\t\t\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-9397\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-9397\" style=\"padding: 165px 0 0 0\">\n\t\t\t<div class=\"edgtf-scattered-images edgtf-si-left  edgtf-has-shadow edgtf-si-parallax-yes\">\n    \t<div class=\"edgtf-si-images-holder\">\n\t\t<div class=\"edgtf-si-hero-image-holder\" data-parallax=\"{&quot;y&quot;: -99, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-hero-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/KNOXSS-Support-2-e1707558392674.jpg\" alt=\"KNOXSS-Support-2\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-1\" data-parallax=\"{&quot;y&quot;: 66, 
&quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/Captura-de-tela-2024-02-10-055935.png\" alt=\"Captura de tela 2024-02-10 055935\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t\t<div class=\"edgtf-si-aux-image-holder edgtf-si-aux-image-2\" data-parallax=\"{&quot;y&quot;: -61, &quot;smoothness&quot;: 20}\">\n\t\t\t<a href=\"\" target=\"_self\">\n                <div class=\"edgtf-si-aux-inner-image-holder\">\n\t\t\t\t    <img decoding=\"async\" src=\"https:\/\/knoxss.pro\/wp-content\/uploads\/2024\/02\/knoxss-outstanding-support-2-4x.jpg\" alt=\"knoxss-outstanding-support-2-4x\">\n                <\/div>\n\t\t\t<\/a>\n\t\t<\/div>\n\t<\/div>\n            <div class=\"edgtf-si-text-content-holder\" data-parallax=\"{&quot;y&quot;: 66, &quot;smoothness&quot;: 20}\">\n            <div class=\"edgtf-si-title-holder\">\n                <h2 class=\"edgtf-si-title\">Outstanding support<\/h2>\n            <\/div>\n            <div class=\"edgtf-si-text-holder\">\n                <p class=\"edgtf-si-text\">KNOXSS service is able to offer fast technical support via X (former Twitter) chat sometimes in a matter of minutes. 
It&#039;s provided by knowledgeable people with experience and deep understanding of automated testing and Cross-Site Scripting.<\/p>\n            <\/div>\n            <div class=\"edgtf-si-button-holder\" >\n                <div class=\"edgtf-si-button\"><a itemprop=\"url\" href=\"https:\/\/knoxss.pro\/?page_id=1974\" target=\"_self\"  class=\"edgtf-btn edgtf-btn-medium edgtf-btn-outline\"  >                <span class=\"edgtf-btn-overlay\"><\/span>                <span class=\"edgtf-btn-text\">SIGN UP<\/span>            <\/a><\/div>\n            <\/div>\n        <\/div>\n    <\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"50px\"][\/vc_column][\/vc_row][vc_row][vc_column]<div class=\"edgtf-text-marquee edgtf-tm-6997\" style=\"color: rgba(255,255,255,0.04);font-size: 340px;font-weight: 700\" data-item-class=\"edgtf-tm-6997\" data-font-size-1024=\"300px\" data-font-size-768=\"300px\" data-font-size-680=\"180px\" data-line-height-1024=\"300px\" data-line-height-768=\"300px\" data-line-height-680=\"180px\">\n\t<span class=\"edgtf-marquee-element edgtf-original-text\">GAME CHANGER_<\/span>\n\t<span class=\"edgtf-marquee-element edgtf-aux-text\">GAME CHANGER_<\/span>\n<\/div>  [\/vc_column][\/vc_row][vc_row row_content_width=\"grid\" content_text_aligment=\"center\" css=\".vc_custom_1618263959973{padding-bottom: 5px !important;}\"][vc_column css=\".vc_custom_1618264155251{margin-top: -18% !important;}\"]<div class=\"edgtf-elements-holder   edgtf-one-column  edgtf-responsive-mode-768 \" ><div class=\"edgtf-eh-item    \"  data-item-class=\"edgtf-eh-custom-3956\" data-769-1024=\"0 0 20px 0\" data-681-768=\"0 0 60px 0\" data-680=\"0 0 60px 0\">\n\t<div class=\"edgtf-eh-item-inner\">\n\t\t<div class=\"edgtf-eh-item-content edgtf-eh-custom-3956\" >\n\t\t\t<div class=\"edgtf-section-title-holder  edgtf-st-standard edgtf-st-title-left edgtf-st-normal-space \" >\n\t<div class=\"edgtf-st-inner\">\n\t\t\t\t\t<h2 
class=\"edgtf-st-title\" >\n\t\t\t\tFUTURE IS HERE_\t\t\t<\/h2>\n\t\t        \t\t\t\t\t<span class=\"edgtf-st-text\" >\n\t\t\t\tJoin the next revolution in offensive security tools.\t\t\t<\/span>\n\t\t\t<\/div>\n<\/div>\t\t<\/div>\n\t<\/div>\n<\/div><\/div>[\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"50px\"][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text css_animation=\"top-to-bottom\"][\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 style=\"text-align: center;\">FEATURING<\/h2>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"100px\"][\/vc_column][\/vc_row][vc_row][vc_column width=\"1\/5\"][\/vc_column][vc_column width=\"1\/5\"][vc_column_text]<\/p>\n<h4>TYPES<\/h4>\n<p>&nbsp;<\/p>\n<p>Source-based XSS<\/p>\n<ul>\n<li>HTML Context<\/li>\n<li>JavaScript Context<\/li>\n<li>XML Context<\/li>\n<\/ul>\n<p>.<\/p>\n<p>DOM-based XSS<\/p>\n<ul>\n<li>Document Sink<\/li>\n<li>Location Sink<\/li>\n<li>Execution Sink<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Blind XSS (email report)<\/p>\n<ul>\n<li>Custom Payloads<\/li>\n<li>Automatic Injection<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][vc_column width=\"1\/5\"][vc_column_text]<\/p>\n<h4>INJECTION<\/h4>\n<p>&nbsp;<\/p>\n<p>Input Scope<\/p>\n<ul>\n<li>POST Body parameters (value and name)<\/li>\n<li>URL Parameters (value and name)<\/li>\n<li>URL Path (3 levels deep)<\/li>\n<li>URL Fragment<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Input Techniques<\/p>\n<ul>\n<li>Base64 and Double Encode<\/li>\n<li>Multi injection and Multi Context<\/li>\n<li>Parameter Guessing<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Input Authentication<\/p>\n<ul>\n<li>User provided headers<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][vc_column width=\"1\/5\"][vc_column_text]<\/p>\n<h4>EXCLUSIVE<\/h4>\n<p>&nbsp;<\/p>\n<p>Modes<\/p>\n<ul>\n<li>XSS Polyglots<\/li>\n<li>PoC Checking<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>ReferenceError Fix<\/p>\n<ul>\n<li>JS Object 
Hoisting<\/li>\n<li>JS Hoisting Override<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Filter Bypass<\/p>\n<ul>\n<li>Fully validated URL and email formats<\/li>\n<li>Hardcoded Obfuscation<\/li>\n<li>Evasion using I\/O differences<\/li>\n<li>Basic CSP bypass<\/li>\n<\/ul>\n<p>[\/vc_column_text][\/vc_column][vc_column width=\"1\/5\"][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"150px\"][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text]<\/p>\n<h2 style=\"text-align: center;\">Frequently Asked Questions<\/h2>\n<p>[\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"150px\"][\/vc_column][\/vc_row][vc_row][vc_column][vc_toggle title=\"What does KNOXSS do?\" css=\".vc_custom_1739206602490{margin-right: 20% !important;margin-left: 20% !important;}\"]KNOXSS finds source-based and DOM-based reflected and stored XSS in vulnerable pages using components of the URL (path and query parameters) as entry points. To see all XSS cases KNOXSS is able to spot, check our <strong><a href=\"https:\/\/knoxss.pro\/?page_id=766\">XSS Coverage<\/a>.<\/strong>[\/vc_toggle][vc_toggle title=\"How to use KNOXSS?\" css=\".vc_custom_1739206540193{margin-right: 20% !important;margin-left: 20% !important;}\"]The basic usage is just to copy and paste the target URL in the main field of the web user interface (at knoxss.pro\/ui). That covers unauthenticated GET requests, which are most scenarios out there. For POST requests, you need to provide the action URL in the main field and the POST body (pairs of name=value separated by a &amp; sign) in the left box after clicking the \"Extra Data\" button. 
For authenticated requests, the right box shown after clicking \"Extra Data\" takes pairs of HTTP headers (usually cookies) in the format header:value, one per line.[\/vc_toggle][vc_toggle title=\"How does KNOXSS work?\" css=\".vc_custom_1739206871311{margin-right: 20% !important;margin-left: 20% !important;}\"]Basically, KNOXSS takes the target URL plus all extra data provided and checks for a reflection of every URL or POST body parameter value (and name), as well as of the URL path (3 levels deep) and fragment. If it finds a reflection somewhere, in the HTTP response, the DOM or associated JS calls, it decides which type of injection to use (HTML or JS injection). Finally, it tries several specific XSS vectors in order to pop an alert box and prove the vulnerability.[\/vc_toggle][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=\"150px\"][\/vc_column][\/vc_row]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[vc_row][vc_column][rev_slider_vc alias=&#8221;landing&#8221; enable_paspartu=&#8221;no&#8221;][\/vc_column][\/vc_row][vc_row][vc_column css=&#8221;.vc_custom_1739194743598{margin-top: -8% !important;}&#8221;][vc_wp_text] &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; [\/vc_wp_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=&#8221;150px&#8221;][\/vc_column][\/vc_row][vc_row row_vertical_text=&#8221;FEATURES&#8221; row_vertical_text_holder_left_offset=&#8221;5%&#8221; css=&#8221;.vc_custom_1618253108134{padding-bottom: 5px !important;}&#8221;][vc_column offset=&#8221;vc_col-lg-6 vc_col-md-12&#8243;][\/vc_column][vc_column offset=&#8221;vc_col-lg-6 vc_col-md-12&#8243;][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row row_content_width=&#8221;grid&#8221; content_text_aligment=&#8221;center&#8221; css=&#8221;.vc_custom_1618263959973{padding-bottom: 5px !important;}&#8221;][vc_column css=&#8221;.vc_custom_1618264155251{margin-top: -18% 
!important;}&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=&#8221;50px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][\/vc_column][\/vc_row][vc_row row_content_width=&#8221;grid&#8221; content_text_aligment=&#8221;center&#8221; css=&#8221;.vc_custom_1618263959973{padding-bottom: 5px !important;}&#8221;][vc_column css=&#8221;.vc_custom_1618264155251{margin-top: -18% !important;}&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=&#8221;50px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text css_animation=&#8221;top-to-bottom&#8221;][\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_column_text] FEATURING [\/vc_column_text][\/vc_column][\/vc_row][vc_row][vc_column][vc_empty_space height=&#8221;100px&#8221;][\/vc_column][\/vc_row][vc_row][vc_column width=&#8221;1\/5&#8243;][\/vc_column][vc_column width=&#8221;1\/5&#8243;][vc_column_text] TYPES &nbsp; Source-based XSS 
[&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3179,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"full-width.php","meta":{"footnotes":""},"class_list":["post-1990","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1990","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1990"}],"version-history":[{"count":53,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1990\/revisions"}],"predecessor-version":[{"id":2520,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/pages\/1990\/revisions\/2520"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/knoxss.pro\/index.php?rest_route=\/wp\/v2\/media\/3179"}],"wp:attachment":[{"href":"https:\/\/knoxss.pro\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1990"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}