Use BruteXSS BruteForcer For Cross Site Scripting

2
583

BruteXSS is a very speedy go-site Scripting Brute forcing tool which can brute force parameters. It lets in you to inject several payloads from a wordlist to that particular parameters and then check the selected web page for XSS vulnerabilities. in line with the builders, “BruteXSS is noticeably correct at doing its mission and there’s no threat of false effective because the scanning could be very powerful”.
It helps both GET and post requests. And, works on Linux, windows or any tool jogging python 2.7 and above.

How to Use BruteXSS (on home windows)

Download the BruteXSS-master.zip file from GitHub (hyperlink at the bottom of the article), and then extract that report. Now open the listing and hold down the ”Shift” key after which proper-click at the empty location of that window. Now choose “Open command window right here“. and sort brutexss.py inside the command set off and then hit the enter key. Now you may see a window simply as shown beneath.
Be aware: You ought to have python 2.7 or above installed to your pc.

Two Methods To Do

  • Usage (GET Method):
COMMAND: python brutexss.py
METHOD: g
URL: http://www.site.com/?parameter=value
WORDLIST: wordlist.txt
  • Usage (POST method):
COMMAND: python brutexss.py
METHOD: p
URL: http://www.site.com/file.php
POST DATA: parameter=value&parameter1=value1
WORDLIST: wordlist.txt

2 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here