Categories: Kali Linux

XSStrike – Most Advanced XSS Detection Suite

XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.

Instead of injecting payloads and checking it works like all the other tools do, it analyses the response with multiple parsers and then crafts payloads that are guaranteed to work with context analysis integrated with a fuzzing engine. Here are some examples of the payloads generated by it:

}]};(confirm)()//\
<A%0aONMouseOvER%0d=%0d[8].find(confirm)>z
</tiTlE/><a%0donpOintErentER%0d=%0d(prompt)``>z
</SCRiPT/><DETAILs/+/onpoINTERenTEr%0a=%0aa=prompt,a()//

Apart from that, it has crawling, fuzzing, parameter discovery, WAF detection capabilities as well. It also scans for DOM XSS vulnerabilities.

Also ReadPython-Nubia : A Command-Line & Interactive Shell Framework

XSStrike Gallery

DOM XSS

Reflected XSS

Crawling

Hidden Parameter Discovery

Interactive HTTP Headers Prompt

R K

Recent Posts

How Do I Do Reverse Image Search

Have you ever come across a picture on the internet and wondered where it came…

6 days ago

WhatsMyName App – Find Anyone Across 640+ Platforms

Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…

3 weeks ago

Analyzing Directory Size Linux Tools Explained

Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…

3 weeks ago

Understanding Disk Usage with du Command

Efficient disk space management is vital in Linux, especially for system administrators who manage servers…

3 weeks ago

How to Check Directory Size in Linux

Knowing how to check directory sizes in Linux is essential for managing disk space and…

3 weeks ago

Essential Commands for Linux User Listing

Managing user accounts is a core responsibility for any Linux administrator. Whether you’re securing a…

3 weeks ago