Sponsored
Exploiting Tools

PwnXSS – A Automated XSS Vulnerability Finder

Hey Folks, In this tutorial we are going to talk about an amazing tool called “PwnXSS“. It’s an open source tool available on github that is specially designed to find cross site scripting vulnerability (XSS) on web applications. Now let’s examine the main feature of this tool.

Main Features

  • Advanced error handling
  • POST and GET forms are supported
  • Many Settings that can be Customized
  • Crawling all links on a website
  • Multiprocessing support

Lets take a look 🙂 !!

Installation

It time to configure this tool on terminal. As you know that we make everything easy and likewise we will install and configure this tool in few steps. Now first we have to download it from github by using git command.

git clone https://github.com/pwn0sec/PwnXSS

Now we give chmod permission of the downloaded folder and go to the directory. Installation is Completed 🙂 !! After doing all that we can boot this tool by using python command.
Note : We are using the given website only for testing purposes.

chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py --help

Got it 🙂 !! Finally we got the exact location of the vulnerability parameter which is “cat=“. Furthermore, it places us vulnerabilities with combined xss payloads through which we can directly test vulnerabilities by executing them.

python3 pwnxss.py -u http://testphp.vulnweb.com

Done 🙂 !! As you can see the tools for finding xss vulnerabilities work fine and when we execute the given URL on the web browser the results are comes very impressive.

About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.
Sponsored
Shubham Goyal

A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.

View Comments

  • I've been surfing on-line more than 3 hours as of late,
    but I never found any interesting article like yours. It's lovely value sufficient
    for me. In my view, if all web owners and bloggers made good content
    as you probably did, the web can be a lot more helpful than ever before.

Leave a Comment
Share
Published by
Shubham Goyal
Tags: andripwn/PwnXSS: PwnXSS: Vulnerabilitypwn0sec / PwnXSSpwnxssPwnXSS - A Automated XSS Vulnerability FinderPwnXSS - Powerful XSS ScannerPwnXSS - Vulnerability XSS Scanner ExploitPwnXSS : Vulnerability XSS Scanner Exploit 2020pwnxss explit xsspwnxss githubpwnxss github xss vulnerabilitypwnxss xss vulnerability finderxss vulnerability finder pwnxss
5 years ago

Recent Posts

Gau (GetAllUrls) – Find Known and Hidden URL

The gau (Get All URLs) tool is a versatile open-source utility that collects URLs from…

4 months ago

Jsluicepp – Burp Extension for JS Secrets – BugBountyTip

Jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic…

9 months ago

Bypassing Firewalls (WAF) with XSS Payloads

Hey Folks :) !! In this tutorial, we will describe some of the techniques commonly…

9 months ago

Termux Cheat Sheet for Hackers

Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…

1 year ago

Cracking the X-Factor in Cybersecurity: How Humans are Protecting the Systems?

Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…

2 years ago

Cariddi – Hidden Endpoint Finder for Bug Hunting

Hey Folks, we are back today after such a long break, but don't worry we…

3 years ago
Sponsored

This website uses cookies.