30 July 2014 | 3,323 views

XSSYA – Cross Site Scripting (XSS) Scanner Tool

Check Your Web Security with Acunetix

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2″ which searches for the payload decoded in the web page HTML code if it confirmed get the last step which is to execute document.cookie to get the cookie.

XSSYA - Cross Site Scripting (XSS) Scanner Tool

XSSYA Features

  • Supports HTTPS
  • After Confirmation (execute payload to get cookies)
  • Can be run in Windows & Linux
  • Identifies 3 types of WAF (mod_security, WebKnight & F5 BIG IP)
  • XSSYA Continue Library of Encoded Payloads To Bypass WAF (Web Application Firewall)
  • Support Saving The Web HTML Code Before Executing the Payload Viewing the Web HTML Code into the Screen or Terminal

We have written about a couple of XSS related tools before:

XSS-Proxy – Cross Site Scripting Attack Tool
XSS Shell v0.3.9 – Cross Site Scripting Backdoor Tool

You can download XSSYA here:

xssya.py

Or read more here.



Recent in Hacking Tools:
- masscan – The Fastest TCP Port Scanner
- drozer – The Leading Security Testing Framework For Android
- tinfoleak – Get Detailed Info About Any Twitter User

Related Posts:
- XSS-Proxy – Cross Site Scripting Attack Tool
- Vega – Open Source Cross Platform Web-Application Security Assessment Platform
- Acunetix Vulnerability Scanner 9.5 Released

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,868,986 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,059,068 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 624,579 views

Low-cost VPS Hosting

Comments are closed.