0X01 Installation
I followed this expert's blog post for the installation:
https://www.cnblogs.com/Pitcoft/p/6341322.html
0X02 Use of BruteXSS
# The BruteXSS directory contains four attack payload wordlists: wordlist.txt, wordlist-small.txt, wordlist-medium.txt, wordlist-huge.txt
wordlist.txt # about 20 common statements; enough for a simple, basic XSS check
wordlist-small.txt # about 100 statements; enough for a relatively comprehensive XSS check
wordlist-medium.txt # about 200 statements; can be used for an XSS check that bypasses a WAF
wordlist-huge.txt # about 5000 statements; can be used for a very comprehensive XSS check that bypasses a WAF
1 GET method
COMMAND: python brutexss.py
METHOD: g
URL: http://www.site.com/?parameter=value
WORDLIST: wordlist.txt
2 POST method
COMMAND: python brutexss.py
METHOD: p
URL: http://www.site.com/file.php
POST DATA: parameter=value&parameter1=value1
WORDLIST: wordlist.txt
Result output
Remember: on the road of learning, less is more and slow is fast.
by 谢谢卿哥哥