资 源 简 介
Overview
The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education, penetration testing and lawful research purposes.
XSSF allows creating a communication channel with the targeted browser (from a XSS vulnerability) in order to perform further attacks. Users are free to select existing modules (a module = an attack) in order to target specific browsers.
XSSF provides a powerfull documented API, which facilitates development of modules and attacks. In addition, its integration into the Metasploit Framework allows users to launch MSF browser based exploit easilly from an XSS vulnerability.
In addition, an interesting though exploiting an XSS inside a victim"s brow
文 件 列 表
XSSF
modules
auxiliary
xssf
public
network
ms_windows_html5
data
lib
plugins
xssf.rb
README_XSSF
modules
auxiliary
xssf
webrickpatches.rb
xssfmaster.rb
xssfdatabase.rb
xssfgui.rb
xssfbanner.rb
xssftunnel.rb
xssfserver.rb
public
network
ping.rb
connection_speed.rb
web_services.rb
distributed_dos.rb
ms_windows_html5
scan_network.rb
scan_ports.rb
