How To Scan for Cross-Site Scripting Vulnerabilities in Websites & Web Apps with Pwn XSS
1 - 2 min read
Jan 23, 2023
Pwn XSS is a powerful tool that is commonly used by malicious hackers as well as security professionals today. The term "pwn" comes from "own", as in "to have power or mastery over (someone)." Pwn XSS is an open source cross site scripting vulnerability scanner made in python 3.7. This tool is used to find vulnerabilities in websites and web apps that can be compromised and allow a hacker to exploit for malicious reasons. It can also be used by security professionals to test their own websites to be sure it's free from any cross-site scripting vulnerabilities, as well as cybersecurity students, learning about how cross-site scripting works, why it can be a potential security risk, and ideas for how security and protection against these attacks can be improved.
In addition some of the main features of Pwn XSS consist of:
- Crawling all links on a website
- POST and GET forms are supported
- Advanced error handling
- Multiprocessing support
To explore the features of Pwn XSS you would simply need to install the tool within your linux machine using the commands
- pip install bs4
- pip install requests
- git clone GitHub - pwn0sec/PwnXSS: PwnXSS: Vulnerability (XSS) scanner exploit
chmod 755 -R PwnXSS
cd PwnXSS
python3 pwnxss.py -help
Once installed for basic usage of the tool you would simply run:
- python3 pwnxss.py -u Home of Acunetix Art (target website)
After executing the code you will begin to see the scan take place and any vulnerabilities will begin to populate and show the areas of exploitation that exist.
