• Comprehensive Scanning: Tests URL parameters, POST parameters, headers, and DOM content for XSS vulnerabilities.
• Multiple Browser Support: Compatible with both Firefox and Chrome for testing.
• Headless Mode: Option to run scans in headless browser mode for faster & traditional execution.
• Paralellised Scanning: Utilises multi-threading for efficient scanning of multiple targets.
• Customizable: Supports custom headers, cookies, and payload files.
• Crawling Capability: Can crawl websites to discover and test additional pages.
• Detailed Reporting: Provides comprehensive output with color-coded console logs and optional file output.
• DOM XSS Detection: Advanced detection of DOM-based XSS vulnerabilities.
• Payload Customization: Automatically customises payloads with unique identifiers for accurate detection.
• Tamper Techniques: WAF evasion techniques
• Detection of SQLi: Validates whether SQLi is also indicative within responses
• WAF Detection: The ability to detect a firewall running on a target, using behavioural and static checks

• URL parameter analysis & testing
• POST parameter analysis & testing
• DOM content analysis & testing
• Header testing
• External script analysis
• Crawling targets and depth control
• WAF Detection
• Tamper Techniques

pip install -r requirements.txt

python3 helios.py [target_url] [options] 

python3 helios.py target.com -o output.txt --crawl

python3 helios.py -l targetlist.txt --payload-file xsspayloads.txt -o output.txt --crawl --headless --cookies "Name=abcdefg" --headers "X-Forwarded For: 127.0.0.1"

Use python helios.py --help for a full list of options and usage instructions.

• Enhance payload generation dependant on context of target
• Modular refactoring
• More 'smart' payloads for DOM XSS
• Getting gud

Helios is currently in early stages of development. While it offers powerful scanning capabilities, users should be aware that it may contain bugs or limitations. Contributions and feedback are welcome to improve its functionality and reliability.

This tool is for educational and ethical testing purposes only. Always obtain proper authorization before scanning any web applications or networks you do not own or have explicit permission to test.

Created by @stuub