what is XSS:
Cross-Site-Scripting (XSS) is a vulnerability in web applications that makes it possible to execute malicious code (mostly JavaScript).
This is often possible through user input fields, in which the entries are not checked accordingly.
It is important to understand that JavaScipt is executed in the visitor's browser and not on the web server.
What Will I Learn?
i... How to use bruteXss on a website
Requirements:
Termux
Download link
Hackers keyboard
Download link
Brutexss-master
Download
Difficulty
i. Intermediate
Procedure:
and press Enter
ii. The GitHub link is given in REQUIREMENTS, it is a 2mb file, make sure to have a stable data connection.
3: After completing the downloading
i. Type command ls to see the list of available files there.
ii. Type command cd BruteXSS && ls and press Enter. Now you are in brutexss directory
iii. Now we are going to install the brutexss.py file in the directory
Type command python2 brutexss.py
4: How to use?
When the brutexss.py is installed you would be quaried on what method you wish to use.
i. The GET method requires you using a site with paramether e.g example.com/?m=1 in this case "?m=1" is your parameter
ii. The post method requires you using the link to a file e.g example.com/filepart
5: After selecting your desired method you would be asked for site url. In these screenshot i would test it on my friends Website
It is advicable to use brutexss provided wordlist so just press enter.
Posted on (link to my file on GitHub)
repository