xssf-cross-site-scripting-framework-v30

简介: The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work.
The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education, penetration testing and lawful research purposes. 

XSSF allows creating a
communication channel   with the targeted browser (from a XSS vulnerability) in order to perform further attacks. Users are free to select existing modules (a module = an attack) in order to target specific browsers.

XSSF provides a powerfull documented API, which facilitates development of modules and attacks. In addition, its integration into the
Metasploit Framework allows users to launch MSF browser based exploit easilly from an XSS vulnerability.


XSSF Basics: Install on Kali-1.0 Video Demo : http://www.youtube.com/watch?v=AhUhOirEfTE

Download: https://code.google.com
目录
相关文章
|
3月前
|
存储 安全 JavaScript
XSS攻击(Cross-Site Scripting)
【8月更文挑战第11天】
78 2
|
前端开发 JavaScript Go
Healwire Online Pharmacy 3.0 Cross Site Request Forgery / Cross Site Scripting
Healwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
1507 0
|
分布式计算 Java Spark
Spark - A tiny Sinatra inspired framework for creating web applications in Java 8 with minimal effor
Spark - A tiny Sinatra inspired framework for creating web applications in Java 8 with minimal effort Quick start import static spark.
1235 0
|
安全
SATF – Security Awareness Training Framework
https://www.novainfosec.com/2013/04/29/satf-security-awareness-training-framework/ ...
575 0
Lotus Domino Web Administrator – Cross Site Command Execution
Description Lotus Domino is vulnerable to CSRF attack which can de used for OS command execution in webadmin.
874 0
|
Windows
Zenf Framework Tool
Zend_Tool是一个ZF项目创建的好工具,可以利用Zend_tool来创建我们的ZF项目的目录结构! 1、Zend_Tool的安装过程(For Windows):   (1)在C:\Program Files下创建一个叫做ZendFrameworkCli的文件夹;   (2)将下载...
925 0
|
Web App开发 JavaScript 前端开发
Using Content Security Policy to Prevent Cross-Site Scripting (XSS)
On SendSafely.com we make heavy use of many new JavaScript APIs introduced with HTML5.
984 0
Guidelines for Pentesting a Joomla Based Site
Guidelines for Pentesting a Joomla Based Site
809 0
|
Web App开发
How to Practice Your Web Application Testing Skills
For those who are learning web application security testing (or just trying to stay sharp) it'...
898 0
|
安全 Apache Perl
Preventing Cross-site Scripting Attacks
  Introduction The cross-site scripting attack is one of the most common, yet overlooked, security problems facing web developers today.
806 0