SkyNet Tools

Find Stored XSS & HTML Injections Easily

January 9, 2023January 9, 2023 Admin

This is a short tutorial to find stored XSS & HTML Injections easily. HTML injections occur when input isn’t sanitized to check or remove code thus, allowing potentially malicious code to execute on a web […]

Toxssin – Open-source Penetration Testing Tool That Automates Exploiting Cross-Site Scripting (XSS)

June 29, 2022June 29, 2022 Admin

toxssin is an open-source penetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious […]

V3n0M – Offensive Security Tool for Vulnerability Scanning & Pentesting

August 22, 2021August 22, 2021 Admin

Features In its current state, it will only work with torrc MAX CIRCUIT DIRTINESS of 10 Cloudflare Resolver [Cloudbuster] LFI->RCE and XSS Scanning [LFI to RCE & XSS] SQL Injection Vuln Scanner [SQLi] Extremely Large […]

DalFox – Fast, Powerful Parameter Analysis & XSS Scanner, Based on a Golang/DOM Parser

May 20, 2021May 20, 2021 Admin

DalFox is a fast, powerful parameter analysis and XSS scanner, based on a golang/DOM parser. supports friendly Pipeline, CI/CD and testing of different types of XSS. I talk about naming. Dal(달) is the Korean pronunciation […]

DalFox – Fast, Powerful Parameter Analysis and XSS Scanner

April 20, 2021April 20, 2021 Admin

Key features Mode: url sxss pipe file server Class Key Feature Description Discovery Parameter analysis – Find reflected param– Find alive/bad special chars, event handler and attack code– Identification of injection points(HTML/JS/Attribute)inHTML-none inJS-none inJS-double inJS-single […]

XSSTRON, Electron JS Browser To Find XSS Vulnerabilities

February 1, 2021February 1, 2021 Admin

Powerful Chromium Browser to find XSS Vulnerabilities automatically while browsing web, it can detect many case scenarios with support for POST requests too Installation Usage Just browse the web like a normal web browser then […]

MyBB Timeline Plugin 1.0 – Cross-Site Scripting / CSRF

January 25, 2021January 25, 2021 Admin

The MyBB Forum plugin Timeline version 1.0 is vulnerable to XSS(Cross site Scripting) and CSRF(Cross Site Request Forgery) attacks.

Oracle Business Intelligence Enterprise Edition 11.1.1.7.140715 – Stored XSS Exploit

January 20, 2021January 20, 2021 Admin

Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 is vulnerable to a stored cross site scripting exploit.

Garud – Automation Tool That Scans Sub-Domains, Sub-Domain Takeover Then Filters out XSS, SSTI, SSRF

January 20, 2021January 20, 2021 Admin

An automation tool that scans sub-domains, sub-domain takeover and then filters out xss, ssti, ssrf and more injection point parameters. Requirements: Go Language, Python 2.7 or Python 3. System requirements: Recommended to run on vps […]

WordPress Plugin Stripe Payments 2.0.39 – ‘AcceptStripePayments-settings[currency_code]’ Vulnerable to Stored XSS

January 5, 2021January 5, 2021 Admin

The WordPress plugin Stripe Payments 2.0.39 suffers from a Stored Cross Site Scripting vulnerability(XSS). Currently their is not an updated version.