OWASP Xenotix XSS Exploit Framework

By Ajin Abraham on 15 Mar 2013 @ Blackhat : Arsenal
#owasp #xss #blueteam #security-assessment #red-teaming #purpleteam
Focus Areas: Security Operations & Defense, Penetration Testing, Vulnerability Management, Web Application Security
This tool demo covers the following tools, which the speaker has authored or contributed to:
XENOTIX XSS EXPLOIT FRAMEWORK

Abstract

Xenotix XSS Exploit Framework is a penetration testing tool to detect and exploit XSS vulnerabilities in web applications. It is basically a payload-list-based XSS scanner and XSS exploitation kit. It has the world's second largest XSS payload list. It gives a penetration tester the ability to test all the XSS payloads available in the payload list against a web application to check for XSS vulnerabilities. The tool supports both manual mode and automated time-sharing-based test modes. The exploitation framework in the tool includes an XSS encoder, a victim-side XSS keystroke logger, an executable drive-by downloader and an XSS reverse shell. These exploitation tools help the penetration tester create proof-of-concept attacks on vulnerable web applications during the creation of a penetration test report.