xssless is an automated XSS payload generator written in python. Usage Record request(s) with Burp proxy Select request(s) you want to generate, then right click and select “Save items” Use xssless to generate your payload: ./xssless.py burp_export_file Pwn! Features Automated XSS payload generation from imported Burp proxy requests Payloads are 100% asynchronous and won’t freeze […]
XSS
Hcon Security Testing Framework (HconSTF) v0.4 – Fire Base
HconSTF is an Open Source Penetration Testing Framework based on different browser technologies, Which helps any security professional to assists in the Penetration testing or vulnerability scanning assessment. It contains webtools which are capable of carrying out XSS attacks, SQL Injection, siXSS, CSRF, Trace XSS, RFI, LFI, etc. It could prove useful to anybody interested […]
w3af v1.1 Released For Download – Web Application Attack & Audit Framework
w3af is a Web Application Attack and Audit Framework. The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. The w3af core and it’s plugins are fully written in python. The project has more than 130 plugins, which check for SQL injection, cross […]
Websecurify – Integrated Web Security Testing Environment
Websecurify is an integrated web security testing environment, which can be used to identify web vulnerabilities by using advanced browser automation, discovery and fuzzing technologies. The platform is designed to perform automated as well as manual vulnerability tests and it is constantly improved and fine-tuned by a team of world class web application security penetration […]
XSSer v1.0 – Cross Site Scripter Framework
XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection. New Features Added “final remote injections” option Cross Flash Attack! Cross Frame Scripting Data Control Protocol Injections […]