In this video, I show you how to hack websites using XSStrike and Kali Linux 2017.1
XSStrike is a python which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs.
Installation and Usage:
Use the following command to download it
After downloading, navigate to XSStrike directory with the following command
Now install the required modules with the following command
pip install -r requirements.txt
Now you are good to go! Run XSStrike with the following command
You can enter your target URL now but remember, you have to mark the most crucial parameter by inserting “d3v” in it.
For example: target.com/search.php?q=d3v&category=1
After you enter your target URL, XSStrike will check if the target is protected by a WAF or not. If its not protected by WAF you will get three options
1. Fuzzer: It checks how the input gets…
sql tutorial for beginners with examples