io.kent Posted September 8, 2012 Report Posted September 8, 2012 Attack on a website is very common today, many attackers use SQL-Attack for the database, there are some different attacks that exploit web application. XSS or Cross Site Scripting (CSS) is usually a more common Web-based attack, Cross site scripting is an attack by the Internet browser you have the advantage of poorly written Web applications. This can be done manually or using the automatic scanner that can scan a web application to find the error. In this tutorial I will share the penetration testing tool to check for any Web application attack Cross Site Scripting. XSSploit is multi-platform Cross-Site Scripting scanner and exploiter written in Python. It was developed to help discover and exploit XSS vulnerabilities in penetration testing missions.XSSploit Files : - Xssploit.py: The main file. Contains the core XSSploit and command line interface. Gui.py: The GUI Extensions.txt This file contains the file extensions on the server that must be indexed -Exploits.xml: The base vulnerability data. report.xsl : It is a very basic example on how to display the report generated XSSploit Requirements: - Python 2.5 - wxPython GUI toolkit Download: http://www.scrt.ch/outils/xssploit/Xssploit-0.5.tar.gz Quote
