A Smart Fuzzer and bruteforcer for XSS 2017 -: python XSStrike.py
Hello friends, I'm Vishal from TechxByte.In. Today we will learn about the XSS vulnerability and about "A Smart Fuzzer and bruteforcer for XSS", which is a Kali Linux tool. So let's get started ...
INTRODUCTION --:
XSS (Cross-Site Scripting) is used to hack websites. A few years ago, even big websites such as Facebook and Google fell victim to it.
This attack works against websites that accept unsanitized data from users. You can embed a malicious script in a comment box.
When someone clicks on your link, your link gets executed.
With an XSS attack you can steal cookies, session tokens and other important information from the user's browser.
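The two defences that answer the paragraph above, as an added example that is not from the original post: encoding user input at output time, and marking the session cookie HttpOnly so page scripts cannot read it. The function names, the probe string and the token are constructed for illustration.

```python
import html
from http.cookies import SimpleCookie

# Constructed probe: a harmless marker wrapped in the characters that
# matter in an HTML context (<, >, "). Not taken from the original post.
PROBE = '<b id="probe-7f3a">x</b>'


def render_comment_unsafe(comment: str) -> str:
    """Vulnerable pattern: user input concatenated straight into HTML."""
    return '<div class="comment">' + comment + '</div>'


def render_comment_safe(comment: str) -> str:
    """Hardened pattern: encode for the HTML context when writing output."""
    return '<div class="comment">' + html.escape(comment, quote=True) + '</div>'


def reflects_raw_markup(render, probe: str = PROBE) -> bool:
    """True if the probe comes back unchanged, so a browser would parse it as markup."""
    return probe in render(probe)


def session_cookie_header(token: str) -> str:
    """Set-Cookie value for a session cookie that page scripts cannot read."""
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["httponly"] = True   # hidden from document.cookie
    cookie["session"]["secure"] = True     # only sent over HTTPS
    cookie["session"]["samesite"] = "Lax"  # not sent on cross-site subrequests
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    for render in (render_comment_unsafe, render_comment_safe):
        print(render.__name__, "reflects raw markup:", reflects_raw_markup(render))
    print("Set-Cookie:", session_cookie_header("constructed-token-123"))
```

Running `reflects_raw_markup` against your own rendering functions in a unit test catches a template that forgets to encode before it ships.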
FOR EXAMPLE --:
SCRIPT IS --:
```html
<script>
function cn(){prompt("Enter Your FACEBOOK EMAIL ID ","");}
</script>
<input type="button" onclick="cn()" value="CLICK HERE TO SIGN UP">
```
This script will work something like this.
So let's start today's real tutorial ...
About XSStrike TOOL ( Kali Linux ) --:
XSStrike is a tool written as a Python script that finds XSS vulnerabilities.
Its features --:
- Fuzzes a parameter and builds a suitable payload
- Bruteforces parameters with payloads
- Has an inbuilt crawler like functionality
- Can reverse engineer the rules of a WAF/Filter
- Detects and tries to bypass WAFs
- Both GET and POST support
- Most of the payloads are hand crafted
- Negligible number of false positives
- Opens the POC in a browser window
Installation Process --:
Step 1 -: Open the Kali Linux terminal, and if you are new, copy and paste these commands ...
1 ) cd Desktop
2 ) git clone https://github.com/UltimateHackers/XSStrike.git
3 ) ls
4 ) cd XSStrike
5 ) ls
6 ) python xsstrike
Now the XSStrike tool will start in the terminal ...
WORKING PROCESS --:
STEP 1 --: At "Enter The Target URL" you have to enter any vulnerable link, like .php?id=1 and others like it ...
STEP 2 --: When "Enter Cookies" appears, enter 2. Then options such as Fuzzer, Striker, Ninja and Hulk will appear, and you can pick whichever one you want.
Step 3 --: After choosing an option, press Enter. The scan will start, and on some sites you will get an injected payload.
Step 4 --: Copy that payload and put it at the end of the link, like this: Techxbyte.in/(the copied payload goes here), and press Enter. Keep in mind that an "Unsecure Connection" warning will come up; try this in unsafe mode.
Step 5 --: Now a warning will appear in front of you. When it does, you know your payload attack has succeeded.
After finding an XSS payload --: Guys, if you find an XSS payload on any website, you can contact that website through their email and tell them about this vulnerability ... In return you will get a Hall of Fame mention, a gift or some money.
Note -: This is only a tool. To find payloads you will have to search through a lot of websites, with Google dorks as well. If you have XSS and SQL knowledge, you can comfortably find a website and find the payload ... I will suggest one website for learning all of this ... Securityidiots, which is a really great website ...
Guys, that's all for today. I hope you liked it. See you in the next post. If you liked the post or are running into any problem, tell me in the comments, friends.
-VISHAL PATIL