06 January 2014 | 2,381 views

xssless – An Automated XSS Payload Generator Written In Python

Check For Vulnerabilities with Acunetix

xssless is an automated XSS payload generator written in python.

Usage

  1. Record request(s) with Burp proxy
  2. Select request(s) you want to generate, then right click and select “Save items”
  3. Use xssless to generate your payload: ./xssless.py burp_export_file
  4. Pwn!

Features

  • Automated XSS payload generation from imported Burp proxy requests
  • Payloads are 100% asynchronous and won’t freeze the user’s browser
  • CSRF tokens can be easily extracted and set via the -p option
  • POST multipart is supported, along with XSS file uploading via the -f option
  • Payloads are dynamic and portable (due to relative URLs)
  • Crazy JavaScript worms with no hassle!

Installation/Download

Download the latest xssless:

Install dependencies:

Run the script:

Or read more here.

Advertisements



Recent in Hacking Tools:
- Mimikatz – Gather Windows Credentials
- Dharma – Generation-based Context-free Grammar Fuzzing Tool
- Passgen – Random Character Generator For WPA/WPA2 Key Cracking

Related Posts:
- Passgen – Random Character Generator For WPA/WPA2 Key Cracking
- Crunch – Password Cracking Wordlist Generator
- MultiInjector – Automated Stealth SQL Injection Tool

Most Read in Hacking Tools:
  • Top 15 Security/Hacking Tools & Utilities - 1,923,846 views
  • Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,209,243 views
  • wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 650,795 views


  • Advertise on Darknet

    Comments are closed.