DalFox is a fast, powerful parameter analysis and XSS scanner, based on a Golang/DOM parser. It supports pipeline-friendly use, CI/CD and testing of different types of XSS. I talk about naming. Dal(달) is the Korean pronunciation […]
Key features. Mode: url, sxss, pipe, file, server. Class / Key Feature / Description: Discovery / Parameter analysis / Find reflected param; find alive/bad special chars, event handler and attack code; identification of injection points (HTML/JS/Attribute): inHTML-none, inJS-none, inJS-double, inJS-single […]
Powerful Chromium browser that finds XSS vulnerabilities automatically while you browse the web; it can detect many case scenarios, with support for POST requests too. Installation. Usage: Just browse the web like a normal web browser then […]
The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS (Cross-Site Scripting) and CSRF (Cross-Site Request Forgery) attacks.
Oracle Business Intelligence Enterprise Edition version 188.8.131.52.140715 is vulnerable to a stored cross site scripting exploit.
An automation tool that scans sub-domains, checks for sub-domain takeover and then filters out XSS, SSTI, SSRF and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on a VPS […]
Currently WordPress Core version 5.2.2 suffers from a cross-site scripting vulnerability located within “post previews”. The flaw is fixed by upgrading to WordPress version
Installation. Dependencies: LinkFinder. Usage: To run the tool on a target, just use the following command. This will run the tool against domain.tld. URLs can also be piped to findom-xss and scanned. For […]