Thursday, July 29, 2010

XSSer v0.6 - "XSSer Storm"


SSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications.
It contains several options to try to bypass certain filters, and various special techniques of code injection.

XSSer v0.6a aka "XSSer Storm!" supports this new features:
-g DORK Process search engine dork results as target urls
(ex:inurl:vulnerable.asp?id=)
--Ge=DORK_ENGINE Search engine to use for dorking (scroogle,
duck, altavista, bing)
-c CRAWLING Crawl target hierarchy parameters (can be slow!)
--Cw=CRAWLING_WIDTH Number of urls to visit when crawling
--Dfo Encodes fuzzing IP addresses in DWORD format

Download: http://xsser.sourceforge.net

No comments:

Post a Comment

Certified Ethical Hacker Network Security Internet Security Computer Security Wireless Network Security