Description: Cross Site Scripter (XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.It contains several options to try to bypass certain filters, and various special techniques of code injection.
Installation:-
XSSer runs on many platforms. It requires Python and the following libraries:
- python-pycurl - Python bindings to libcurl
- python-beautifulsoup - error-tolerant HTML parser for Python
- python-libxml2 - Python bindings for the GNOME XML library
- python-geoip - Python bindings for the GeoIP IP-to-country resolver library
On Debian-based systems (ex: Ubuntu), run:
sudo apt-get install python-pycurl python-beautifulsoup python-libxml2 python-geoip
Credits : http://xsser.sourceforge.net/
This video is all about using XSSer to exploit and report XSS Vulnerability. XSSer comes with a package which offers GTK. It has various options like explorer,intruder etc.
Example:
Simple injection from URL:
python xsser.py -u "http://host.com"
Source : Bl4ckS4b3r from Youtube
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Nice Video Thanks !
this tool includes tor proxy also .
thanks for video