OWASP出品:Xenotix XSS漏洞测试框架

fake 2013-08-08 288752人围观 ,发现 28 个不明物体 工具

OWASP Xenotix XSS Exploit Framework是一个高效的跨站脚本漏洞(XSS)检测和攻击测试框架。它通过特有的三大浏览器引擎(包括Trident, WebKit和Gecko)进行安全扫描检测,并且其号称拥有全世界第二大的XSS测试Payload,同时具有WAF绕过能力。

扫描模块

Manual Mode Scanner
Auto Mode Scanner
DOM Scanner
Multiple Parameter Scanner
POST Request Scanner
Header Scanner
Fuzzer
Hidden Parameter Detector

信息采集模块

Victim Fingerprinting
Browser Fingerprinting
Browser Features Detector
Ping Scan
Port Scan
Internal Network Scan

攻击测试模块

Send Message
Cookie Thief
Phisher
Tabnabbing
Keylogger
HTML5 DDoSer
Executable Drive By
JavaScript Shell
Reverse HTTP WebShell
Drive-By Reverse Shell
Metasploit Browser Exploit
Firefox Reverse Shell Addon (Persistent)
Firefox Session Stealer Addon (Persistent)
Firefox Keylogger Addon (Persistent)
Firefox DDoSer Addon (Persistent)
Firefox Linux Credential File Stealer Addon (Persistent)
Firefox Download and Execute Addon (Persistent)

附加工具

WebKit Developer Tools
Payload Encoder

下载地址

发表评论

已有 28 条评论

取消
Loading...
css.php