Web Penetration Testing
Demonstrate to your client how easy it is to exploit the XSS vulnerability that you have found in their web application. Quickly create a Proof-of-Concept simulating a real-life attack.
Distribute the payload to the target audience and gather data from multiple users. Measure the security awareness of the organization and find privileged accounts (e.g. administrators) to extract data from.
Understand XSS Vulnerability
This tool can also be used during web security training in order to better understand XSS and its risk in real life attacks.
The XSS Exploiter helps exploit Cross-Site Scripting, one of the most critical vulnerabilities in web applications, according to the OWASP Top 10 project.
The tool provides all the elements necessary to exploit an identified vulnerability:
The server-side component that receives the user data
A valid SSL certificate on the receiving server which makes the browser trust the script
A simple interface to generate the payloads and display the results
The label which is used to identify your handler. Choose something meaningful for you, such as the name of the web application, of the organization, a testing scenario, etc.
Have the script fetch the user's cookies. A common field that is stored here is the session cookie. A stolen session cookie can be used to impersonate the user and perform actions on their behalf. To do this, you only need to replace your own session cookie with the one stolen from the user when accessing the application.
Get HTML Content
Have the script fetch the HTML content of the page the user is on. This includes any modifications caused by user interaction, such as automatic completion of forms or sensitive user data displayed inside an Account Details page.
Get page screenshot
Have the script fetch a screenshot of the generated page. This is useful when presenting the Proof-of-Concept to non-technical users, as definite visual proof that the private session of another user can be accessed.
Have the script intercept and record user keyboard input. A keylogger is especially useful on pages where sensitive user input is requested, such as login pages. It can retrieve usernames, passwords, specific search terms used, or other sensitive user-entered data that is not available at the end of the page load.
How it works
The tool is capable of fetching the following information:
Source IP address
All HTTP headers
Operating system (deduced from the User-Agent header)
Each XSS Handler is unique. Only you can see the data extracted by your handlers. Nobody else can use your payloads or send data back to your handler unless they know your exact URL.
A handler is active for 60 days. After this time expires, you will still be able to view your results, but the handler will stop logging new requests. Additionally, there is a limit of 60 requests that can be logged per handler.