Xsstron – Browser To Find XSS Vulnerabilities Automatically

Xsstron Logo - Browser To Find XSS Vulnerabilities Automatically Xploitlab

Xsstron

Powerful Chromium Browser to find XSS Vulnerabilites automatically while browsing web, it can detect many case scenarios with support for POST requests too.

Installation

Install Node.js and npm (https://www.npmjs.com/get-npm) or sudo apt install npm

After Node.js and npm successfully installed, now you can clone the repo files and install the xsstron

git clone https://github.com/RenwaX23/XSSTRON cd XSSTRON npm install npm start

Some users using Debian/Ubuntu might not able to run the tool as i think it’s an issue with Electron itself, you can continue using the app in Window/OSX and Linux installed on Windows.

Known issues

Some users in certain linux distributions get into some problems try these

Kali/Debian users this fixes installation:

sudo apt install npm sudo npm install -g electron –unsafe-perm=true –allow-root cd XSSTRON sudo npm install electron . –no-sandbox

  • In (package.json) change it to:
“devDependencies”: { “electron”: “^10” },

  • try to update npm and nodejs to latest version
  • delete node_modules and package-lock.json and reinstall
  • in package.json change the electron devDepencies to (electron11-bin)
  • install electron using (npm install electron) and run the app with electron using (electron .) with each step remember to delete the node_modules and package-lock.json and re install again using (npm install)

Failed to serialize arguments is known issue and might be fixed soon 🙂


Usage

Just browse the web like a normal web browser then it will automatically look for XSS vulns in background and show them in a new window with POC

Xsstron Dashboard - Browser To Find XSS Vulnerabilities On Internet xploitlab

Mass URL Scan To Find XSS Vulnerabilities

Xsstron Mass URL Scan To Find XSS Vulnerabilities Automatically xploitlab

XSS GET request POC

Xsstron - Exploit XSS Vulnerabilities With GET Request Automatically xploitlab

XSS POST request POC

Xsstron - Exploit XSS Vulnerabilities With POST request Automatically xploitlab

Thanks for


You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

17 + 2 =