Skip to content

Latest commit

 

History

History
79 lines (50 loc) · 2.59 KB

README.md

File metadata and controls

79 lines (50 loc) · 2.59 KB

XSSer



Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

It provides several options to try to bypass certain filters and various special techniques for code injection.

XSSer has pre-installed [ > 1300 XSS ] attacking vectors and can bypass-exploit code on several browsers/WAFs:

 [PHPIDS]: PHP-IDS
 [Imperva]: Imperva Incapsula WAF
 [WebKnight]: WebKnight WAF
 [F5]: F5 Big IP WAF
 [Barracuda]: Barracuda WAF
 [ModSec]: Mod-Security
 [QuickDF]: QuickDefense
 [Sucuri]: SucuriWAF 
 [Chrome]: Google Chrome
 [IE]: Internet Explorer
 [FF]: Mozilla's Gecko rendering engine, used by Firefox/Iceweasel
 [NS-IE]: Netscape in IE rendering engine mode
 [NS-G]: Netscape in the Gecko rendering engine mode
 [Opera]: Opera Browser

XSSer


Installing:

XSSer runs on many platforms. This install requires FreeBSD, Python 3.9 and you may install its dependencies with the following:

doas pkg install py39-pycurl py39-pygeoip pygobject3-common py39-gobject3 py39-cairocffi py39-selenium py39-beautifulsoup py39-setuptools

If you wish to use the GUI version, also run:

doas pkg install py39-pillow

Source libs:


License:

XSSer is released under the GPLv3. You can find the full license text in the LICENSE file.


Screenshots:

XSSer

XSSer

XSSer

XSSer

XSSer

XSSer

XSSer

XSSer