XSSer is an automatic framework to detect, exploit and report XSS vulnerabilities in web-based applications.
It provides several options to try to bypass certain filters and various special techniques for code injection.
XSSer has pre-installed [ > 1300 XSS ] attacking vectors and can bypass-exploit code on several browsers/WAFs.
Key Features
- Detect XSS flaws in web-based applications.
- Exploit -local/remote- code “on wild”.
- Report found vulnerabilities in real time to community.
- Cross-platform support.
Website: github.com/epsylon/xsser
Support:
Developer: psy
License: GNU General Public License v3.0
XSSer is written in Python. Learn Python with our recommended free books and free tutorials.
Related Software
| Vulnerability Analysis Tools | |
|---|---|
| sqlmap | Penetration testing tool |
| BeEF | The Browser Exploitation Framework |
| pocsuite3 | Remote vulnerability testing framework |
| AFL++ | Security-oriented fuzzer |
| Wapiti | "Black-box" vulnerability scanner |
| jSQL Injection | Automatic SQL database injection |
| sif | Pentesting (recon/exploitation) suite |
| XSSer | Detect, exploit and report XSS vulnerabilities |
| Kanha | Web-app pentesting suite |
| simple fuzzer | A fuzzer with two network modes of operation |
| Doona | Fork of the Bruteforce Exploit Detector Tool |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |