Working with XSS-Freak Tool on Kali Linux OS
Example 1: We will be testing http://w3wiki.org target domain
In this example, We will be testing the w3wiki.org domain. We will specify the list of XSS consisting of Payloads.
As w3wiki.org is Secured Website, the tool has not detected any vulnerable parameters.
Example 2: We will be testing http://testphp.vulnweb.com target domain
In this example, We will be scanning the testphp.vulnweb.com domain.
We have got one vulnerable parameter or input through which we can insert the payload.
XSS-Freak – XSS Scanner Fully Written in Kali Linux
XSS or Cross-Site Scripting is the most emerging security flaw in Web Applications. When the arbitrary or malicious JavaScript is executed by the web application then it is said to be an XSS Vulnerable Website. There are various XSS Scanners through which we can detect the XSS on the target domain. XSS-Freak is an XSS Scanner developed in the Python Language. XSS-Freak tool is an open-source and free-to-use tool also available on GitHub. XSS-Freak tool crawls the target domain for all possible links and directories to increase the chances of attack.
Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process – Python Installation Steps on Linux
Contact Us