[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] XSS Fuzzer
From: Poyo VL via Fulldisclosure <fulldisclosure () seclists ! org>
Date: 2018-11-24 12:46:50
Message-ID: 2034002542.5444311.1543063610575 () mail ! yahoo ! com
[Download RAW message or body]
XSS Fuzzer is a simple application written in plain HTML/JavaScript/CSS which generates XSS \
payloads based on user-defined vectors using multiple placeholders which are replaced with \
fuzzing lists. It offers the possibility to just generate the payloads as plain-text or to \
execute them inside an iframe. Inside iframes, it is possible to send GET or POST requests from \
the browser to arbitrary URLs using generated payloads. XSS Fuzzer is a generic tool that can \
be useful for multiple purposes, including:
- Finding new XSS vectors, for any browser- Testing XSS payloads on GET and POST parameters- \
Bypassing XSS Auditors in the browser- Bypassing web application firewalls- Exploiting HTML \
whitelist features
Website: https://xssfuzzer.com/
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic