Attack API
BeEF
可与Metaspolit整合
http://fuzzexp.org/metasploit-and-beef-the-tutorial-chinese.html
http://www.myhack58.com/Article/html/3/8/2013/36603.htm
http://saysec.diandian.com/post/2012-09-04/40037519488
https://github.com/beefproject/beef/wiki/Architecture
BackTrack有附带:
BackTrack-Exploitation Tools-Social Engineering Tools-Beef XSS Framework
XSS-Proxy
http://hi.baidu.com/cosastro/item/decff2f85733c31aa72988e9
XSSer
BackTrack中有附带
例子:
root@bt:/pentest/web/xsser# ./xsser -u "http://demo.testfire.net/search.aspx?txtSearch=abc"
界面:
xsser --gtk
参考资料:
https://www.owasp.org/index.php/OWASP_XSSER
http://sourceforge.net/projects/xsser/
http://securityxploded.com/detecting-exploiting-xss-using-xsser-tool.php
http://www.91ri.org/2740.html
http://wenku.baidu.com/view/aa5cee01e87101f69e31951a.html