Don't run with XSSer(s)!
One of the quickest and to-the-point tools available in Kali for XSS testing is XSSer (sometimes pronounced scissor). As a tool, XSSer serves one function, which is to test for the presence of potential XSS vulnerabilities on a web application and offer up quick, non-controversial validation URL strings to run a check against them. XSSer is one of those rare tools that can give you awesome capability with minimal know-how; but with an experienced hand, it can be tailored with surgical precision.
You can use XSSer either as a CLI tool or with its GUI wrapper, which is a fine way to build CLI queries with the help of a more intuitive wrapper. To use XSSer in the GUI mode, you can simply type the following in a terminal ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access