FinDOM-XSS – Fast DOM Based XSS Vulnerability Scanner
Installation of FinDOM-XSS Tool in Kali Linux OS
Step 1: Use the following command to download (clone) the tool onto your Kali Linux operating system.
git clone https://github.com/dwisiswant0/findom-xss.git
Step 2: Now use the following command to move into the tool's directory. You have to be in this directory in order to run the tool.
Step 3: List the contents of the directory
Step 4: Now use the following command to run the tool.
Working with FinDOM-XSS Tool in Kali Linux OS
Example 1: Run the tool on a target
In this example, we are running the tool against the domain http://geeksforgeeks.org.
The tool has found potential DOM-based XSS on http://geeksforgeeks.org, that is, places in the DOM through which XSS could be executed.
Results are saved in the text file:
Example 2: Run the tool against Multiple targets
cat urls.txt | ./findom-xss.sh
In this example, we are running the tool against multiple targets, which are listed in the urls.txt file.
Potential DOM-based XSS has been found on http://geeksforgeeks.org.
Potential DOM-based XSS has been found on http://bugcrowd.com.
No potential DOM-based XSS has been detected on http://facebook.com.
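To show what a "potential" finding in the examples above means when you triage the results, here is an added example (not code from FinDOM-XSS or from the original page) that flags DOM XSS sources and sinks in script text by pattern. The pattern lists, the `triage` function and the sample script are assumptions constructed for illustration.

```javascript
// Added illustration: simplified pattern-based triage of script text.
// The pattern lists are a small, assumed subset chosen for this example.
const SOURCES = /\b(?:location\.(?:hash|search|href)|document\.(?:URL|referrer|cookie)|window\.name)\b/g;
const SINKS = /\b(?:innerHTML|outerHTML|insertAdjacentHTML|document\.write(?:ln)?|eval|setTimeout|setInterval)\b/g;

// Returns one finding per line that mentions a source or a sink.
function triage(scriptText) {
  const findings = [];
  scriptText.split("\n").forEach((line, i) => {
    const sources = line.match(SOURCES) || [];
    const sinks = line.match(SINKS) || [];
    if (sources.length === 0 && sinks.length === 0) return;
    findings.push({
      line: i + 1,
      sources,
      sinks,
      // Source and sink on one line: review this first.
      // Anything else stays "potential" until the data flow is traced by hand.
      priority: sources.length && sinks.length ? "review-first" : "potential",
    });
  });
  return findings;
}

// Constructed sample script (not taken from any real site).
const SAMPLE = [
  'var q = location.hash.slice(1);',                    // source only
  'document.getElementById("out").innerHTML = q;',      // sink fed by q from line 1
  'document.getElementById("msg").textContent = q;',    // safe sink: not flagged
  'banner.innerHTML = "<b>Welcome</b>";',               // sink with a constant: harmless
  'document.write(location.search);',                   // source flows into sink
].join("\n");

for (const f of triage(SAMPLE)) {
  console.log(`line ${f.line}: ${f.priority} sources=[${f.sources}] sinks=[${f.sinks}]`);
}
```

Lines 2 and 4 of the sample get the same "potential" label although only line 2 is reachable from user input, which is why each reported hit needs manual data-flow review before it is treated as a vulnerability.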