All of you web application penetration testers, check out this release of XSSer version 1.0! From this release, the author plans to rename XSSer to "The Mosquito". Our first post regarding XSSer can be found here.
"XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications.It contains several options to try to bypass certain filters, and various special techniques of code injection."

This is the official change log:
  • Added "final remote injections" option
  • Cross Flash Attack!
  • Cross Frame Scripting
  • Data Control Protocol Injections
  • Base64 (rfc2397) PoC
  • OnMouseMove PoC
  • Browser launcher
  • Code clean
  • Bugfixing
  • New options menu
  • Pre-check system
  • Crawler spidering clones
  • More advanced statistics system
  • "Mana" output results
Download XSSer version 1.0 (xsser-1.0.tar.gz) here.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.