There are many scanners selecting parameters in the address bar on the Internet. Most of them are paid and not cheap. But none of them is a browser extension. We decided to fill this gap. Meet the beta version of the scanner Find-XSS-Fire. Certainly it isn’t as powerful as our online scanner, but it is able to find something that could be missed. Besides it is absolutely free. The following is a description of the installation and use:
Download (install) here, version 0.0.4
Warning: scanning may damage the work of the resource, it is recommended to scan on localhost!
1. Drag the downloaded file into the FireFox browser and accept the installation.
2. The scanner icon should appear in the lower right corner (see the screenshot).
If not, then the lower toolbar for add-on is disabled.
To enable it do: View-> Toolbars-> Add-on Bar (or just ctrl + /, but the keys do not operate at all systems).
3. Indicate the URL of your website or a local address in the opened window.
4. Indicate the level of scanning (3 is recommended).
5. The scanner is allowed to scan only your websites. Any scanning of third-party products is prohibited and leads to criminal liability. If you are scanning your site, confirm it by checking the box.
6. After clicking on the scan the scanner starts.
7. Wait for the scan results. It may take to a few hours, depending on the speed of response of your server and the level of nesting.
When finding vulnerabilities you can contact us to remove them.