XSStrike – Advanced XSS Fuzzer & Exploitation Suite


XSStrike is an advanced XSS detection suite, which contains a powerful XSS fuzzer and provides zero false positive results using fuzzy matching. XSStrike is the first XSS scanner to generate its own payloads.

XSStrike - Advanced XSS Fuzzer & Exploitation Suite

It is also built in an intelligent enough manner to detect and break out of various contexts.


Features of XSStrike XSS Fuzzer & Hacking Tool

XSStrike has:

  • Powerful fuzzing engine
  • Context breaking technology
  • Intelligent payload generation
  • GET & POST method support
  • Cookie Support
  • WAF Fingerprinting
  • Handcrafted payloads for filter and WAF evasion
  • Hidden parameter discovery
  • Accurate results via levenshtein distance algorithm

There are various other XSS security related tools you can check out like:

XSSYA v2.0 Released – XSS Vulnerability Confirmation Tool
xssless – An Automated XSS Payload Generator Written In Python
XSSer v1.0 – Cross Site Scripter Framework

You can download XSStrike here:

XSStrike-master.zip

Or read more here.

Posted in: Hacking Tools


Latest Posts:


Socialscan - Command-Line Tool To Check For Email And Social Media Username Usage Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username,
CFRipper - CloudFormation Security Scanning & Audit Tool CFRipper – CloudFormation Security Scanning & Audit Tool
CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool
CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.


Comments are closed.