Open In App

We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy

Xcapy – Tool For XSS Detection Suite for CTFs games

Xcapy is a free and open-source tool available on GitHub that was developed to find cross-site scripting (XSS Vulnerabilities) on web applications and websites. Cross-site scripting is a vulnerability found in the javascript code of web applications and websites. This tool is written in python language so you must have python 3.7 installed in your Kali Linux operating system in order to use this tool. There are lots of websites on the internet that are vulnerable to cross-site scripting(XSS). The security of the website is important for an organization and this Xcapy tool makes finding cross-site scripting easy. Cross-site scripting (XSS) is a vulnerability that can be used to hack websites. This tool helps to find such vulnerability easily which can save an organization from a big loss. 

Features of  Xcapy

 

Installation

Step 1: Use the following command to install the tool from GitHub. This is the first step to be initiated from the terminal of your kali Linux operating system.



cd Desktop

git clone “https://github.com/BlackWolfed/xcapy.git”



 

Step 2:  The tool has been downloaded. Now use the following command to move into the directory of the tool. 

cd xcapy

 

Step 3: Now you are in the directory of the tool. Use the following command to run the tool. 

python3 xcapy.py

 

The tool is running successfully.  Examples are given below to use the tool.

Examples

Example1: Use the Xcapy tool to find cross-site scripting(XSS) vulnerability on a website.

Use the following command to run the tool.

python3 xcapy.py

 

Now use type the domain of the website in the tool.

 

The tool has found that no XSS is present on the domain. Similarly, you can use the tool to find any XXS on other sites.

Example 2: Use the Xcapy tool to find cross-site scripting on a website. Use the following command to run the tool.

python3 xcapy.py

 

Enter your target domain in the terminal of the tool.

 

Article Tags :
Linux-Unix
Recommended Articles
1. XSS-Freak - XSS Scanner Fully Written in Kali Linux
2. XSS-Loader - XSS Scanner and Payload Generator
3. FinDOM-XSS - Fast DOM Based XSS Vulnerability Scanner
4. PwnXSS - Automated XSS Vulnerability Scanner Tool in Kali Linux
5. XSSCon - Simple and Powerful XSS Scanner tool
6. DalFox - Parameter Analysis and XSS Scanning tool
7. XSpear - Powerful XSS Scanning And Parameter Analysis Tool
8. Damn Small XSS Scanner tool in Kali Linux
9. XanXSS - Simple XSS Finding Tool in Kali Linux
10. Bxss - Blind XSS Injector Tool
11. Kxss - Tool to to Identify XSS Vulnerable Parameters / Patterns
12. Traxss – Automated XSS Vulnerability Scanner
13. XIRA - XSS Vulnerablity Scanner
14. CMSeeK - CMS Detection and Exploitation Tool
15. CMSeeK - Open Source Content Management System Detection and Exploitation Tool
16. WPCracker - WordPress User Enumeration and Version Detection Tool
17. Tiger – The Unix Security Audit and Intrusion Detection Tool
18. Domained - Multi Tool Subdomain Enumeration Suite on Kali Linux
19. Webkiller v2.0 - Tool Information Gathering tool in Kali Linux
20. Cewl Tool - Creating Custom Wordlists Tool in Kali Linux
21. Tool-X - Hacking Tool Installer in Kali Linux
22. Top 20 Best Linux Games You Can Play for FREE
23. Linux - Installing Tripwire IDS (Intrusion Detection System)
24. VulnX – CMS And Vulnerability Detection
25. WhatCMS - CMS Detection and Exploit Kit