This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Xenotix XSS Exploit Framework"
From OWASP
Ajin Abraham (talk | contribs) |
Ajin Abraham (talk | contribs) |
||
Line 58: | Line 58: | ||
*[https://www.facebook.com/xenotix Xenotix on Facebook] | *[https://www.facebook.com/xenotix Xenotix on Facebook] | ||
− | =White Paper= | + | =White Paper and Slides= |
− | * | + | *[http://www.nullcon.net/website/archives/presentation/Xenotix_XSS_Exploit_Framework_By_Ajin_Abraham.pdf Nullcon Goa 2013, India (Slides)] |
*[http://www.exploit-db.com/wp-content/themes/exploit/docs/21223.pdf Download From Exploit-DB] | *[http://www.exploit-db.com/wp-content/themes/exploit/docs/21223.pdf Download From Exploit-DB] | ||
*[http://packetstormsecurity.org/files/116455/Detecting-And-Exploiting-XSS-With-Xenotix-XSS-Exploit-Framework.html Download From PacketStorm Security] | *[http://packetstormsecurity.org/files/116455/Detecting-And-Exploiting-XSS-With-Xenotix-XSS-Exploit-Framework.html Download From PacketStorm Security] |
Revision as of 08:59, 3 August 2013
Xenotix XSS Exploit Framework v4 2013
PROJECT INFO What does this OWASP project offer you? |
RELEASE(S) INFO What releases are available for this project? | |||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|
- Official Page: [Xenotix @ Kerala Cyber Force]
The Framework is divided into 4 different modules.
SCANNER MODULES
- Manual Mode Scanner
- Auto Mode Scanner
- DOM Scanner
- Multiple Parameter Scanner
- POST Request Scanner
- Header Scanner
- Fuzzer
- Hidden Parameter Detector
INFORMATION GATHERING MODULES
- Victim Fingerprinting
- Browser Fingerprinting
- Browser Features Detector
- Ping Scan
- Port Scan
- Internal Network Scan
EXPLOITATION MODULES
- Send Message
- Cookie Thief
- Phisher
- Tabnabbing
- Keylogger
- HTML5 DDoSer
- Executable Drive By
- JavaScript Shell
- Reverse HTTP WebShell
- Drive-By Reverse Shell
- Metasploit Browser Exploit
- Firefox Reverse Shell Addon (Persistent)
- Firefox Session Stealer Addon (Persistent)
- Firefox Keylogger Addon (Persistent)
- Firefox DDoSer Addon (Persistent)
- Firefox Linux Credential File Stealer Addon (Persistent)
- Firefox Download and Execute Addon (Persistent)
UTILITY MODULES
- WebKit Developer Tools
- Payload Encoder
Support us on Facebook
White Paper and Slides
Tutorials
Version 3 Videos
- OWASP Xenotix XSS Exploit Framework v3 2013: XSS Scanner Module
- OWASP Xenotix XSS Exploit Framework v3 2013: XSS Keylogger
- OWASP Xenotix XSS Exploit Framework v3 2013: XSS Executable Drive-By
- OWASP Xenotix XSS Exploit Framework v3 2013: XSS Reverse Shell
- OWASP Xenotix XSS Exploit Framework v3 2013: XSS DDoSer
Version 2 Videos
Version 1 Videos
Talk on OWASP Xenotix XSS Exploit Framework [video]
IMPORTANT
The tool may be detected by some Anti-virus solutions as a threat. However it is due to the features in the exploitation framework.
Download
- Version 4 Download OWASP Xenotix XSS Exploit Framework v4
- Version 4 Mirror: DropBox
- Version 3 File:OWASP Xenotix XSS Exploit Framework v3 2013.zip
- Version 2 File:Xenotix XSS Exploit Framework 2013 v2.zip
- Version 1 File:Xenotix XSS Exploitation Framework.zip