This tool will help you to scan XSS as manually.
* Support HTTPS
* After Confirmation (execute payload to get cookies)
* Can be run in (Windows - Linux)
* Identify 3 types of WAF (Mod_Security - WebKnight - F5 BIG IP)
*XSSYA Continue Library of Encoded Payloads To Bypass WAF (Web Application Firewall)
* Support Saving The Web HTML Code Before Executing
the Payload Viewing the Web HTML Code into the Screen or Terminal
About The Author:
Yehia Mamdouh, He is Senior Security Researcher & Web Penetration Tester at Defencely
And Cofounder & Instructor of Master Metasploit Course At BlueKizen.
He wrote numerous articles In Web attacks ,PDF forensics and Network attack in Hakin9 Magazine, SecurityKaizen Magazine He also get Acknowledged in the hall of fame of many website like ( Delevoers.com , Sonatype.com, marktplaats.nl, fogcreek.com, opentext.com, pinoyhacknews.com) - See more at: http://blog.hackersonlineclub.com/2014/06/xssya-cross-site-scripting-and.html#sthash.3FNpTA62.dpuf