This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Xenotix XSS Exploit Framework"
Ajin Abraham (talk | contribs) m (→QUICK DOWNLOAD) |
Ajin Abraham (talk | contribs) m (v6.1) |
||
| Line 6: | Line 6: | ||
| valign="top" style="border-right: 1px dotted gray;padding-right:20px;" | | | valign="top" style="border-right: 1px dotted gray;padding-right:20px;" | | ||
| − | ==OWASP Xenotix XSS Exploit Framework | + | ==OWASP Xenotix XSS Exploit Framework== |
[[Image:Xen6.png|left|550px]] | [[Image:Xen6.png|left|550px]] | ||
| Line 53: | Line 53: | ||
== QUICK DOWNLOAD == | == QUICK DOWNLOAD == | ||
| − | [[Image:Dwd.png |200px| link=http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V6.zip]] | + | [[Image:Dwd.png |200px| link=http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V6.1.zip]] |
== NEWS AND EVENTS == | == NEWS AND EVENTS == | ||
| + | * [08 Dec 2014] Xenotix XSS Exploit Framework V6.1 is Released | ||
* [14 Sept 2014] Xenotix XSS Exploit Framework V6 is Released | * [14 Sept 2014] Xenotix XSS Exploit Framework V6 is Released | ||
* [14 Feb 2014] Xenotix XSS Exploit Framework V5 is Released | * [14 Feb 2014] Xenotix XSS Exploit Framework V5 is Released | ||
| Line 91: | Line 92: | ||
'''SCANNER MODULES''' | '''SCANNER MODULES''' | ||
| − | |||
| − | |||
| − | |||
*GET Request Fuzzer | *GET Request Fuzzer | ||
*POST Request Fuzzer | *POST Request Fuzzer | ||
*Advanced Request Fuzzer | *Advanced Request Fuzzer | ||
*OAuth 1.0a Request Scanner | *OAuth 1.0a Request Scanner | ||
| − | *DOM | + | *DOM XSS Analyzer |
| + | *Local DOM XSS Analyzer | ||
*Hidden Parameter Detector | *Hidden Parameter Detector | ||
| Line 205: | Line 204: | ||
====Latest Release==== | ====Latest Release==== | ||
| − | [[Image:Dwd.png | 200px | link=http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V6.zip]] | + | [[Image:Dwd.png | 200px | link=http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V6.1.zip]] |
| − | * Mirror [https://drive.google.com/file/d/0B_Ci- | + | * Mirror [https://drive.google.com/file/d/0B_Ci-1YbMqshNm5WRlRRTllqcG8/view Download V6.1 From GDrive] |
| − | MD5: | + | MD5: 17c703f90dbb4f09b112284232bbb69f |
====Requirements==== | ====Requirements==== | ||
| − | * Microsoft .NET Framework 4. | + | * Microsoft .NET Framework 4.5 http://www.microsoft.com/en-in/download/details.aspx?id=30653 |
* IronPython 2.7.3 http://ironpython.codeplex.com/downloads/get/423690 [If you are using Scripting Engine] | * IronPython 2.7.3 http://ironpython.codeplex.com/downloads/get/423690 [If you are using Scripting Engine] | ||
====Older Versions==== | ====Older Versions==== | ||
| + | *Version 6 http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V6.zip | MD5: 54a2335e35c47b1e5a87b163088c63ff | ||
*Version 5 http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V5.rar | MD5: bdfce2d4af4012ecc20b86bed876a54a | *Version 5 http://opensecurity.in/downloads/OWASP_Xenotix_XSS_Exploit_Framework_V5.rar | MD5: bdfce2d4af4012ecc20b86bed876a54a | ||
*Version 4.5 http://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rar | *Version 4.5 http://opensecurity.in/downloads/Xenotix_XSS_Exploit_Framework_v4.5.rar | ||
| Line 280: | Line 280: | ||
<div style="font-size:120%;border:none;margin: 0;color:#000"> | <div style="font-size:120%;border:none;margin: 0;color:#000"> | ||
''' WHAT'S NEW! ''' | ''' WHAT'S NEW! ''' | ||
| − | + | ==V6.1 Changes== | |
| + | * Bug Fixes | ||
| + | * Updated QuickPHP Server | ||
| + | * Local DOM XSS Analyzer | ||
{{#ev:youtube|RhGVuus_NJw}} | {{#ev:youtube|RhGVuus_NJw}} | ||
==V6 Changes== | ==V6 Changes== | ||
| Line 350: | Line 353: | ||
==Support Us== | ==Support Us== | ||
| + | *Twitter Page: [https://twitter.com/Xenotix Xenotix on Twitter] | ||
*Facebook Page: [https://www.facebook.com/xenotix Xenotix on Facebook] | *Facebook Page: [https://www.facebook.com/xenotix Xenotix on Facebook] | ||
*Official Page: [[http://www.opensecurity.in/owasp-xenotix-xss-exploit-framework-v4-2013 Xenotix @ OpenSecurity]] | *Official Page: [[http://www.opensecurity.in/owasp-xenotix-xss-exploit-framework-v4-2013 Xenotix @ OpenSecurity]] | ||
Revision as of 11:59, 8 December 2014
OWASP Xenotix XSS Exploit Framework OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. Xenotix provides Zero False Positive XSS Detection by performing the Scan within the browser engines where in real world, payloads get reflected. Xenotix Scanner Module is incorporated with 3 intelligent fuzzers to reduce the scan time and produce better results. If you really don't like the tool logic, then leverage the power of Xenotix API to make the tool work like you wanted it to be. It is claimed to have the world’s 2nd largest XSS Payloads of about 4800+ distinctive XSS Payloads. It is incorporated with a feature rich Information Gathering module for target Reconnaissance. The Exploit Framework includes real world offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation. Say no to alert pop-ups in PoC. Pen testers can now create appealing Proof of Concepts within few clicks.
LICENSINGOWASP Xenotix XSS Exploit Framework is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
|
PRESENTATIONSDEFCON DCG Banglore 2013
BlackHat Europe Arsenal 2013
Nulcon Goa 2013
ClubHack 2012
PROJECT LEADERAjin Abraham | @ajinabraham PROJECT WEBSITEAWARDS
|
QUICK DOWNLOAD
NEWS AND EVENTS
RELATED PROJECTS
CLASSIFICATIONS
| |||||||
