XSS-LOADER is a all in one tools for XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER and this is written by Hulya Karabag.
How to use?
Installation
git clone https://github.com/capture0x/XSS-LOADER/
cd XSS-LOADER
pip3 install -r requirements.txt
Usage
python3 payloader.py
Features
<script>alert(1)</script>
<div onpointerover='alert(1)'>MOVE HERE</div
<img src=x onerror=alert('1');>
<body ontouchstart=alert(1)>
<svg onload=alert('1')>
Also Read – XSHOCK : Tool To Exploits ShellShock
Xss Scanner
Initially you’ll need to enter url of target Please enter the url like this example==>e.g target —–> http://target.com/index.php?name= Selected for scanning payload list
BASIC PAYLOAD LIST ==> Payload list consisting of script tag
DIV PAYLOAD LIST ==> Payload list consisting of div tag
IMG PAYLOAD LIST ==> Payload list consisting of img tag
BODY PAYLOAD LIST ==> Payload list consisting of body tag
SVG PAYLOAD LIST ==> Payload list consisting of svg tag
MIXED PAYLOAD LIST ==> Payload list consisting of all tag
ENTER FILE PATH ==> Payload list determined by the user ,Please enter the url like this example..! (e.g. path —–> /usr/share/wordlists/wfuzz/Injections/XSS.txt)
Results will be added in “vulnpayload.txt” after scanning.
Xss Dork Finder
First enter the dork for searching: e.g—->inurl:”search.php?q=” Results will be saved in “dork.txt” after scanning.
Screenshot
Nmap (Network Mapper) is a free tool that helps you find devices on a network,…
Introduction to the Model Context Protocol (MCP) The Model Context Protocol (MCP) is an open…
While file extensions in Linux are optional and often misleading, the file command helps decode what a…
The touch command is one of the quickest ways to create new empty files or update timestamps…
Handling large numbers of files is routine for Linux users, and that’s where the find command shines.…
Managing files and directories is foundational for Linux workflows, and the mv (“move”) command makes it easy…