XSSS 介绍
XSSS是由Sven开发的跨站脚本漏洞扫描工具。
XSSS的主要特点:
Crawl website
Detect forms and URLs with parameters
Fill in forms, alter parameters to include control characters
Scan web server response for our input
XSSS的主要功能:
Code in web pages
JavaScript aka JScript, ECMAScript
VBScript
Exploits for browser security hole:
Buffer overruns,
Java sandbox holes,
* ActiveX components marked as “safe”.