Hey Folks, In this tutorial we are going to talk about an amazing tool called “PwnXSS“. It’s an open source tool available on github that is specially designed to find cross site scripting vulnerability (XSS) on web applications. Now let’s examine the main feature of this tool.
Lets take a look 🙂 !!
It time to configure this tool on terminal. As you know that we make everything easy and likewise we will install and configure this tool in few steps. Now first we have to download it from github by using git command.
git clone https://github.com/pwn0sec/PwnXSS
Now we give chmod permission of the downloaded folder and go to the directory. Installation is Completed 🙂 !! After doing all that we can boot this tool by using python command.
Note : We are using the given website only for testing purposes.
chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py --help
Got it 🙂 !! Finally we got the exact location of the vulnerability parameter which is “cat=“. Furthermore, it places us vulnerabilities with combined xss payloads through which we can directly test vulnerabilities by executing them.
python3 pwnxss.py -u http://testphp.vulnweb.com
Done 🙂 !! As you can see the tools for finding xss vulnerabilities work fine and when we execute the given URL on the web browser the results are comes very impressive.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
The security of your API should be one of the top priorities of companies. Without…
Hey Folks, In today's business world, it is essential to have an online presence. However,…
Hey Folks, Is your business prepared in case of a cyber attack? Many companies don't…
This website uses cookies.
View Comments
I've been surfing on-line more than 3 hours as of late,
but I never found any interesting article like yours. It's lovely value sufficient
for me. In my view, if all web owners and bloggers made good content
as you probably did, the web can be a lot more helpful than ever before.