XSStrike - Detect and exploit XSS vulnerabilites

XSStrike 6
XSStrike is a program which can crawl, fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs.
  •  Fuzzes a parameter and builds a suitable payload
  •  Bruteforces paramteres with payloads
  •  Has an inbuilt crawler like functionality
  •  Can reverse engineer the rules of a WAF/Filter
  •  Detects and tries to bypass WAFs
  •  Both GET and POST support
  •  Most of the payloads are hand crafted
  •  Negligible number of false positives
  •  Opens the POC in a browser window
watch xsstrike in action
Powered by Blogger.