XAttacker is a is a perl website tool to vulnerability scanner & auto exploiter, which you can use to find vulnerability in your website or you can use this tool to Get Shells, Sends, Deface, cPanels & Databases.

Currently tol is supported by CMS like WordPress, Joomla, Drupal, PrestaShop, and LokoMedia.

Also Read Blind-Bash : Project To Obfuscate Your Bash Code

XAttacker Installation

Linux Installation

git clone https://github.com/Moham3dRiahi/XAttacker.git
cd XAttacker
perl XAttacker.pl

Windows Installation

Download Perl
Download XAttacker
Extract XAttacker into Desktop
Open CMD and type the following commands:
cd Desktop/XAttacker-master/
perl XAttacker.pl

Android Installation

git clone https://github.com/Moham3dRiahi/XAttacker.git
cd XAttacker
chmod +x termux-install.sh
bash termux-install.sh

Video

https://www.youtube.com/watch?v=EgqTsrWt2VU

Scan and Exploit Examples

  • If you have list of target websites saved in text file(list.txt) then you can run tool with this command line

perl XAttacker.pl -l list.txt

  • If you don’t have list of target websites then run the tool with this command below

perl XAttacker.pl