BruteXSS

0X01 installation

I followed this expert's blog post:

https://www.cnblogs.com/Pitcoft/p/6341322.html

0X02 Using BruteXSS

# The BruteXSS directory contains four payload wordlists: wordlist.txt, wordlist-small.txt, wordlist-medium.txt and wordlist-huge.txt

wordlist.txt     # about 20 common payloads; enough for a simple, basic XSS check

wordlist-small.txt      # about 100 payloads; a relatively comprehensive XSS check

wordlist-medium.txt      # about 200 payloads; can be used to check for XSS that bypasses a WAF

wordlist-huge.txt     # about 5000 payloads; a very comprehensive XSS check, including WAF bypass

1 GET method

    COMMAND:  python brutexss.py

    METHOD:   g

    URL:      http://www.site.com/?parameter=value

    WORDLIST: wordlist.txt

2 POST method

    COMMAND:   python brutexss.py

    METHOD:    p

    URL:       http://www.site.com/file.php

    POST DATA: parameter=value&parameter1=value1

    WORDLIST:  wordlist.txt
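
From the defender's side, a wordlist run like the GET example above appears in web access logs as one client sending many different markup-bearing values to the same parameter. The following is an added example, not code from the original post or from BruteXSS, that flags this pattern in constructed sample log lines. The function name, regexes and threshold are assumptions, and POST bodies are not recorded in standard access logs.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in common log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [10/Jun/2019:10:00:01 +0000] "GET /?parameter=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512
198.51.100.7 - - [10/Jun/2019:10:00:01 +0000] "GET /?parameter=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 512
198.51.100.7 - - [10/Jun/2019:10:00:02 +0000] "GET /?parameter=%3Csvg%20onload%3Dalert(1)%3E HTTP/1.1" 200 512
198.51.100.7 - - [10/Jun/2019:10:00:02 +0000] "GET /?parameter=%22%3E%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512
203.0.113.9 - - [10/Jun/2019:10:00:03 +0000] "GET /?parameter=value HTTP/1.1" 200 498
203.0.113.9 - - [10/Jun/2019:10:00:04 +0000] "GET /search?q=%3Cb%3Ebold%3C/b%3E HTTP/1.1" 200 731
"""

# Captures the client address and the request target of one log line.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d{3}')
# Heuristic (assumption): the decoded value contains a tag opener,
# an inline event handler or a javascript: URL.
MARKER_RE = re.compile(r"<\s*\w+|\bon\w+\s*=|javascript:", re.I)


def find_param_sweeps(log_text, threshold=3):
    """Return {(client, path, param): count} for every parameter that received
    at least `threshold` distinct markup-bearing values from one client."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # skip lines that are not in the expected format
        client, target = match.groups()
        url = urlsplit(target)
        # parse_qsl percent-decodes names and values for us.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if MARKER_RE.search(value):
                seen[(client, url.path, name)].add(value)
    return {key: len(vals) for key, vals in seen.items() if len(vals) >= threshold}


if __name__ == "__main__":
    for (client, path, param), count in find_param_sweeps(SAMPLE_LOG).items():
        print(f"{client}: {count} distinct markup-bearing values sent to {path}?{param}=")
```

The threshold of 3 only suits the short sample; since the smallest wordlist described above has about 20 entries, a higher value reduces noise from a single stray value such as the `/search` request.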

Result output

Remember: on the road of learning, less is more and slow is fast.

   by 谢谢卿哥哥


Origin www.cnblogs.com/-zhong/p/10988286.html