Search...

XSStrike v2.0 - An Advanced XSS Detection And Exploitation Suit

2018-03-26T12:31:01

ID KITPLOIT:6160700850389030233
Type kitploit
Reporter KitPloit
Modified 2018-03-26T12:31:01

Description

XSStrike is an advanced XSS detection suite. It has a powerful fuzzing engine and provides zero false positive result using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads. It is intelligent enough to detect and break out of various contexts.

Made by Somdev Sangwan

Features

Powerful fuzzing engine
Context breaking technology
Intelligent payload generation
GET & POST method support
Cookie Support
WAF Fingerprinting
Hand crafted payloads for filter and WAF evasion
Hidden parameter discovery
Accurate results via levenshtein distance algorithm To know more visit xsstrike.tk

Installation
XSStrike is compatible with all *nix based operating systems running Python 2.7. Why not windows? My life, my rules. My code, my tools. Just kidding, it will run on windows as well but you will see some weird codes instead of color. First of all clone the repo by entering the following command in terminal

git clone https://github.com/UltimateHackers/XSStrike

Now naviagte to XSStrike directory

cd XSStrike

Now install the requirements with the following command

pip install -r requirements.txt

Now you can run XSStrike

python xsstrike

Screenshots

Download XSStrike

JSON Vulners Source

Initial Source

{"id": "KITPLOIT:6160700850389030233", "bulletinFamily": "tools", "title": "XSStrike v2.0 - An Advanced XSS Detection And Exploitation Suit", "description": "[ ![](https://3.bp.blogspot.com/-O7iiAsYG62A/WrSfaXsBtgI/AAAAAAAAKpw/TXjnhCF-8MUkiqksHFpUnf5LqfyO25fbwCLcBGAs/s640/XSStrike_6.png) ](<https://3.bp.blogspot.com/-O7iiAsYG62A/WrSfaXsBtgI/AAAAAAAAKpw/TXjnhCF-8MUkiqksHFpUnf5LqfyO25fbwCLcBGAs/s1600/XSStrike_6.png>)\n\n \n\n\nXSStrike is an advanced XSS detection suite. It has a powerful [ fuzzing ](<https://www.kitploit.com/search/label/Fuzzing>) engine and provides zero false positive result using fuzzy matching. [ XSStrike ](<https://www.kitploit.com/search/label/XSStrike>) is the first [ XSS scanner ](<https://www.kitploit.com/search/label/XSS%20scanner>) to generate its own payloads. It is intelligent enough to detect and break out of various contexts. \n\n \n\n\nMade by [ Somdev Sangwan ](<https://twitter.com/s0md3v>)\n\n \n** Features ** \n\n\n * Powerful fuzzing engine \n * Context breaking technology \n * Intelligent [ payload ](<https://www.kitploit.com/search/label/Payload>) generation \n * GET & POST method support \n * Cookie Support \n * WAF Fingerprinting \n * Hand crafted payloads for filter and WAF evasion \n * Hidden parameter discovery \n * Accurate results via [ levenshtein distance ](<https://en.wikipedia.org/wiki/Levenshtein_distance>) algorithm \nTo know more visit [ xsstrike.tk ](<https://xsstrike.tk/>) \n \n** Installation ** \nXSStrike is compatible with all *nix based operating systems running Python 2.7. Why not windows? My life, my rules. My code, my tools. Just kidding, it will run on windows as well but you will see some weird codes instead of color. First of all clone the repo by entering the following command in terminal \n\n \n \n git clone https://github.com/UltimateHackers/XSStrike\n\nNow naviagte to XSStrike directory \n\n \n \n cd XSStrike\n\nNow install the requirements with the following command \n\n \n \n pip install -r requirements.txt\n\nNow you can run XSStrike \n\n \n \n python xsstrike\n\n \n** Screenshots ** \n \n\n\n[ ![](https://4.bp.blogspot.com/-KzsI9bJfHkA/WrSfjNWaRVI/AAAAAAAAKp4/c28lQtI8eckZaxlw3g_iPj9Xs6gyocg-ACLcBGAs/s640/XSStrike_7.png) ](<https://4.bp.blogspot.com/-KzsI9bJfHkA/WrSfjNWaRVI/AAAAAAAAKp4/c28lQtI8eckZaxlw3g_iPj9Xs6gyocg-ACLcBGAs/s1600/XSStrike_7.png>)\n\n \n\n\n[ ![](https://3.bp.blogspot.com/-E-dpClVc0kk/WrSfjBTVi5I/AAAAAAAAKp0/ABpJgMUqF70HAxPKqbG9Neg4qynC8OviQCLcBGAs/s640/XSStrike_8.png) ](<https://3.bp.blogspot.com/-E-dpClVc0kk/WrSfjBTVi5I/AAAAAAAAKp0/ABpJgMUqF70HAxPKqbG9Neg4qynC8OviQCLcBGAs/s1600/XSStrike_8.png>)\n\n \n\n\n[ ![](https://3.bp.blogspot.com/-MiCcV2xTfQI/WrSfjUasGNI/AAAAAAAAKp8/S6Fjb9STTHsvei5pxv1OE6-nJTo8KEMLgCLcBGAs/s640/XSStrike_9.png) ](<https://3.bp.blogspot.com/-MiCcV2xTfQI/WrSfjUasGNI/AAAAAAAAKp8/S6Fjb9STTHsvei5pxv1OE6-nJTo8KEMLgCLcBGAs/s1600/XSStrike_9.png>)\n\n \n \n\n\n** [ Download XSStrike ](<https://github.com/UltimateHackers/XSStrike>) **\n", "published": "2018-03-26T12:31:01", "modified": "2018-03-26T12:31:01", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "http://www.kitploit.com/2018/03/xsstrike-v20-advanced-xss-detection-and.html", "reporter": "KitPloit", "references": ["https://github.com/UltimateHackers/XSStrike"], "cvelist": [], "type": "kitploit", "lastseen": "2021-01-17T23:32:56", "edition": 29, "viewCount": 0, "enchantments": {"dependencies": {"references": [], "modified": "2021-01-17T23:32:56", "rev": 2}, "score": {"value": -0.1, "vector": "NONE", "modified": "2021-01-17T23:32:56", "rev": 2}, "vulnersScore": -0.1}, "toolHref": "https://github.com/UltimateHackers/XSStrike", "scheme": null}