自动化渗透测试 XSSer 1.6b 发布
openkk 13年前
<p>XSSer (Cross site "scripter")<span style="color:#000000;">是一款自动化渗透测试XSS漏洞的安全工具</span>,专门用来检测和利用不同应用程序中存在的跨站脚本漏洞。它包含了一些选项用来尝试绕过特定的过滤器,并且具有特殊的代码注入技术。</p> <p><span style="line-height:25px;font-family:Arial,Tahoma,Helvetica,georgia,Verdana,sans-serif;font-size:14px;" class="Apple-style-span">XSSer 1.6b 主要改进内容:</span></p> <p><span style="line-height:25px;font-family:Arial,Tahoma,Helvetica,georgia,Verdana,sans-serif;font-size:14px;" class="Apple-style-span"> * Added Drop Cookie option<br /> * Added Random IP X-Forwarded-For an X-Client-IP option<br /> * Added GSS and NTLM authentication methods<br /> * Added Ignore proxy option<br /> * Added TCP-NODELAY option<br /> * Added Follow redirects option<br /> * Added Follow redirects limiter parameter<br /> * Added Auto-HEAD precheck system<br /> * Added No-HEAD option<br /> * Added Isalive option<br /> * Added Check at url option (Blind XSS)<br /> * Added Reverse Check parameter<br /> * Added PHPIDS (v.0.6.5) exploit<br /> * Added More vectors to auto-payloading<br /> * Added HTML5 studied vectors<br /> * Fixed Different bugs on core<br /> * Fixed Curl handlerer options<br /> * Fixed Dorkerers system<br /> * Fixed Bugs on results propagation<br /> * Fixed POST requests.<br /> <br /> </span></p> 项目地址: <a href="/misc/goto?guid=4958202605650046571" target="_blank">http://xsser.sourceforge.net/</a>