OWASP出品:Xenotix XSS漏洞测试框架

摘要

OWASP Xenotix XSS Exploit Framework是一个高效的跨站脚本漏洞(XSS)检测和攻击测试框架。它通过特有的三大浏览器引擎(包括Trident, WebKit和Gecko)进行安全扫描检测,并且其号称拥有全世界第二大的XSS测试Payload,同时具有WAF绕过能力。

OWASP出品:Xenotix XSS漏洞测试框架

扫描模块

Manual Mode Scanner Auto Mode Scanner DOM Scanner Multiple Parameter Scanner POST Request Scanner Header Scanner Fuzzer Hidden Parameter Detector

信息采集模块

Victim Fingerprinting Browser Fingerprinting Browser Features Detector Ping Scan Port Scan Internal Network Scan

攻击测试模块

Send Message Cookie Thief Phisher Tabnabbing Keylogger HTML5 DDoSer Executable Drive By JavaScript Shell Reverse HTTP WebShell Drive-By Reverse Shell Metasploit Browser Exploit Firefox Reverse Shell Addon (Persistent) Firefox Session Stealer Addon (Persistent) Firefox Keylogger Addon (Persistent) Firefox DDoSer Addon (Persistent) Firefox Linux Credential File Stealer Addon (Persistent) Firefox Download and Execute Addon (Persistent)

附加工具

WebKit Developer Tools Payload Encoder 

下载地址

OWASP Xenotix XSS Exploit Framework是一个高效的跨站脚本漏洞(XSS)检测和攻击测试框架。它通过特有的三大浏览器引擎(包括Trident, WebKit和Gecko)进行安全扫描检测,并且其号称拥有全世界第二大的XSS测试Payload,同时具有WAF绕过能力。

OWASP出品:Xenotix XSS漏洞测试框架

扫描模块

Manual Mode Scanner Auto Mode Scanner DOM Scanner Multiple Parameter Scanner POST Request Scanner Header Scanner Fuzzer Hidden Parameter Detector

信息采集模块

Victim Fingerprinting Browser Fingerprinting Browser Features Detector Ping Scan Port Scan Internal Network Scan

攻击测试模块

Send Message Cookie Thief Phisher Tabnabbing Keylogger HTML5 DDoSer Executable Drive By JavaScript Shell Reverse HTTP WebShell Drive-By Reverse Shell Metasploit Browser Exploit Firefox Reverse Shell Addon (Persistent) Firefox Session Stealer Addon (Persistent) Firefox Keylogger Addon (Persistent) Firefox DDoSer Addon (Persistent) Firefox Linux Credential File Stealer Addon (Persistent) Firefox Download and Execute Addon (Persistent)

附加工具

WebKit Developer Tools Payload Encoder 

下载地址

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: