itsMe Posted January 13, 2019 Share Posted January 13, 2019 This is the hidden content, please Sign In or Sign Up Advanced XSS Detection Suite XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler. Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response with multiple parsers and then crafts payloads that are guaranteed to work by context analysis integrated with a fuzzing engine. Here are some examples of the payloads generated by XSStrike: This is the hidden content, please Sign In or Sign Up Apart from that, XSStrike has crawling, fuzzing, parameter discovery, WAF detection capabilities as well. It also scans for DOM XSS vulnerabilities. Main Features Reflected and DOM XSS scanning Multi-threaded crawling Context analysis Configurable core WAF detection & evasion Browser engine integration for zero false positive rate Intelligent payload generator Handmade HTML & JavaScript parser Powerful fuzzing engine Blind XSS support Highly researched work-flow Complete HTTP support Bruteforce payloads from a file Powered by Photon, Zetanize and Arjun Payload Encoding This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
Recommended Posts