30 July 2014 | 3,377 views

XSSYA – Cross Site Scripting (XSS) Scanner Tool

Prevent Network Security Leaks with Acunetix

XSSYA is a Cross Site Scripting Scanner & Vulnerability Confirmation Tool, it’s written in Python and works by executing an encoded payload to bypass Web Application Firewalls (WAF) which is the first method request and response. If the website/app responds 200 it attempts to use “Method 2″ which searches for the payload decoded in the web page HTML code if it confirmed get the last step which is to execute document.cookie to get the cookie.

XSSYA - Cross Site Scripting (XSS) Scanner Tool

XSSYA Features

  • Supports HTTPS
  • After Confirmation (execute payload to get cookies)
  • Can be run in Windows & Linux
  • Identifies 3 types of WAF (mod_security, WebKnight & F5 BIG IP)
  • XSSYA Continue Library of Encoded Payloads To Bypass WAF (Web Application Firewall)
  • Support Saving The Web HTML Code Before Executing the Payload Viewing the Web HTML Code into the Screen or Terminal

We have written about a couple of XSS related tools before:

XSS-Proxy – Cross Site Scripting Attack Tool
XSS Shell v0.3.9 – Cross Site Scripting Backdoor Tool

You can download XSSYA here:

xssya.py

Or read more here.



Recent in Hacking Tools:
- Arachni v1.0 Released – Web Application Security Scanner Framework
- iSniff-GPS – Passive Wifi Sniffing Tool With Location Data
- masscan – The Fastest TCP Port Scanner

Related Posts:
- XSS-Proxy – Cross Site Scripting Attack Tool
- Vega – Open Source Cross Platform Web-Application Security Assessment Platform
- Acunetix Vulnerability Scanner 9.5 Released

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,870,773 views
- Brutus Password Cracker – Download brutus-aet2.zip AET2 - 1,061,870 views
- wwwhack 1.9 – Download wwwhack19.zip Web Hacking Tool - 625,378 views

Advertise on Darknet

Comments are closed.