XSSer (Cross site "scripter")是一款自动化渗透测试XSS漏洞的安全工具,专门用来检测和利用不同应用程序中存在的跨站脚本漏洞。它包含了一些选项用来尝试绕过特定的过滤器,并且具有特殊的代码注入技术。
目前,XSSer更新至1.5版,新版本主要改变如下:
– Added heuristic test
– Updated dorkers list
– HTTP Response Splitting Induced code
– GTK+ interface
– Geomapping
– Multithreading workers
– Test controllers
– Added websockets technology (orbited)
– Added update option
– DoS (server) side injection
– DCP/DOM/Induced final code
– Code clean
– Bugfixing
– New options menu
– More advanced statistics system