little update

patch-1
Max Boll 2020-10-27 14:10:35 +01:00
parent 8448bbc483
commit 2a65064d15
1 changed files with 4 additions and 1 deletions

@ -126,11 +126,14 @@ More exploits at [http://www.xss-payloads.com/payloads-list.html?a#category=all]
``` ```
### Tools ### Tools
Most tools are also suitable for blind XSS attacks:
* [XSSStrike](https://github.com/s0md3v/XSStrike): Very popular but unfortunately not very well maintained * [XSSStrike](https://github.com/s0md3v/XSStrike): Very popular but unfortunately not very well maintained
* [xsser](https://github.com/epsylon/xsser): Utilizes a headless browser to detect XSS vulnerabilities * [xsser](https://github.com/epsylon/xsser): Utilizes a headless browser to detect XSS vulnerabilities
* [Dalfox](https://github.com/hahwul/dalfox): Extensive functionality and extremely fast thanks to the implementation in Go * [Dalfox](https://github.com/hahwul/dalfox): Extensive functionality and extremely fast thanks to the implementation in Go
* [XSpear](https://github.com/hahwul/XSpear): Similar to Dalfox but based on Ruby * [XSpear](https://github.com/hahwul/XSpear): Similar to Dalfox but based on Ruby
* [domdig](git@github.com:fcavallarin/domdig.git): Headless Chrome XSS Tester * [domdig](https://github.com/fcavallarin/domdig): Headless Chrome XSS Tester
## XSS in HTML/Applications ## XSS in HTML/Applications
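
Review bot: The added sentence "Most tools are also suitable for blind XSS attacks:" at the top of the Tools list does not say which of the five entries it covers, so a reader cannot tell which tool to rule out; consider noting blind XSS support on each entry or naming the exceptions. Replacing the SSH remote `git@github.com:fcavallarin/domdig.git` with `https://github.com/fcavallarin/domdig` fixes a link that could not be followed from a rendered page. While this list is being edited, the link text "XSSStrike" in the first entry does not match the repository name "XSStrike" in its own URL and could be corrected in the same commit. The subject "little update" hides both changes; a subject that names the domdig link fix and the blind XSS note would be easier to find in history.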