OWASP Xenotix XSS Exploit Framework是一个高效的跨站脚本漏洞(XSS)检测和攻击测试框架。它通过特有的三大浏览器引擎(包括Trident, WebKit和Gecko)进行安全扫描检测,并且其号称拥有全世界第二大的XSS测试Payload,同时具有WAF绕过能力。
扫描模块
Manual Mode Scanner
Auto Mode Scanner
DOM Scanner
Multiple Parameter Scanner
POST Request Scanner
Header Scanner
Fuzzer
Hidden Parameter Detector
信息采集模块
Victim Fingerprinting
Browser Fingerprinting
Browser Features Detector
Ping Scan
Port Scan
Internal Network Scan
攻击测试模块
Send Message
Cookie Thief
Phisher
Tabnabbing
Keylogger
HTML5 DDoSer
Executable Drive By
JavaScript Shell
Reverse HTTP WebShell
Drive-By Reverse Shell
Metasploit Browser Exploit
Firefox Reverse Shell Addon (Persistent)
Firefox Session Stealer Addon (Persistent)
Firefox Keylogger Addon (Persistent)
Firefox DDoSer Addon (Persistent)
Firefox Linux Credential File Stealer Addon (Persistent)
Firefox Download and Execute Addon (Persistent)
附加工具
WebKit Developer Tools
Payload Encoder
- 1
- 0
如文中未特别声明转载请注明出自: 