摘要:XSSer (Cross site "scripter")是一款自动化渗透测试XSS漏洞的安全工具,专门用来检测和利用不同应用程序中存在的跨站脚本漏洞。它包含了一些选项用来尝试绕过特定的过滤器,并且具有特殊的代码注入技术... XSSer (Cross site "scripter")是一款自动化渗透测试XSS漏洞的安全工具,专门用来检测和利用不同应用程序中存在的跨站脚本漏洞。它包含了一些选项用来尝试绕过特定的过滤器,并且具有特殊的代码注入技术。 XSSer 1.6b 主要改进内容: * Added Drop Cookie option * Added Random IP X-Forwarded-For an X-Client-IP option * Added GSS and NTLM authentication methods * Added Ignore proxy option * Added TCP-NODELAY option * Added Follow redirects option * Added Follow redirects limiter parameter * Added Auto-HEAD precheck system * Added No-HEAD option * Added Isalive option * Added Check at url option (Blind XSS) * Added Reverse Check parameter * Added PHPIDS (v.0.6.5) exploit * Added More vectors to auto-payloading * Added HTML5 studied vectors * Fixed Different bugs on core * Fixed Curl handlerer options * Fixed Dorkerers system * Fixed Bugs on results propagation * Fixed POST requests |
|