BruteXSS is a fast Cross-Site Scripting bruteforcer that can bruteforce parameters. The tool injects multiple payloads from a wordlist into the specified parameters and tests the site for XSS vulnerabilities. According to the developer, "BruteXSS is very accurate at doing its task and there is no chance of false positive as the scanning is much powerful".
It supports both POST and GET requests, and it works on Windows, Linux, or any device running Python 2.7.
How To Use BruteXSS (on Windows)
Download the file (BruteXSS-master.zip) from GitHub and extract it. Open the extracted directory, hold down the "Shift" key, and right-click on an empty area of the window. Select "Open command window here", type brutexss.py in the command prompt, and press Enter. You will see a window as shown below.
Note: You must have Python 2.7 installed on your computer.
Then select a method.
- Usage (GET Method):
COMMAND : python brutexss.py
METHOD : g
URL : http://www.site.com/?parameter=value
WORDLIST : wordlist.txt
- Usage (POST method):
COMMAND : python brutexss.py
METHOD : p
URL : http://www.site.com/file.php
POST DATA : parameter=value&parameter1=value1
WORDLIST : wordlist.txt
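Added example (not part of the original post and not BruteXSS code): the defender's side of the same test, as a regression check you can run against your own rendering code. It feeds wordlist-style payloads into a page template and reports any that come back unencoded. The two handler functions and the sample wordlist are constructed for illustration; the parameter name "parameter" follows the usage lines above.

```python
import html
from urllib.parse import parse_qsl, urlencode

# Constructed sample entries (not taken from the tool's wordlist.txt).
SAMPLE_WORDLIST = [
    '<script>alert(1)</script>',
    '"><img src=x onerror=alert(1)>',
    "'><svg onload=alert(1)>",
]

HTML_META = set('<>"\'&')  # characters that must be encoded in HTML output


def render_vulnerable(query):
    """Hypothetical handler: reflects the parameter with no output encoding."""
    value = dict(parse_qsl(query, keep_blank_values=True)).get("parameter", "")
    return '<input name="q" value="%s">' % value


def render_hardened(query):
    """Same hypothetical handler with HTML-attribute-safe output encoding."""
    value = dict(parse_qsl(query, keep_blank_values=True)).get("parameter", "")
    return '<input name="q" value="%s">' % html.escape(value, quote=True)


def unencoded_reflections(render, wordlist):
    """Return payloads that appear byte-for-byte in the rendered page."""
    hits = []
    for payload in wordlist:
        # A string with no HTML metacharacters is reflected identically by a
        # safe page too, so it says nothing about encoding: skip it.
        if not HTML_META & set(payload):
            continue
        body = render(urlencode({"parameter": payload}))
        if payload in body:
            hits.append(payload)
    return hits


if __name__ == "__main__":
    for name, fn in (("vulnerable", render_vulnerable),
                     ("hardened", render_hardened)):
        hits = unencoded_reflections(fn, SAMPLE_WORDLIST)
        print("%s: %d unencoded reflection(s)" % (name, len(hits)))
```
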
BruteXSS - Cross-Site Scripting BruteForcer
Reviewed by AC10 Tech on Monday, October 17, 2016