OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. It is claimed to have the world’s 2nd largest XSS Payloads of about 1500+ distinctive XSS Payloads for effective XSS vulnerability detection and WAF Bypass. It is incorporated with a feature rich Information Gathering module for target Reconnaissance. The Exploit Framework includes highly offensive XSS exploitation modules for Penetration Testing and Proof of Concept creation.
DEFCON DCG Banglore 2013
BlackHat Europe Arsenal 2013
Nulcon Goa 2013
INFORMATION GATHERING MODULES
Version 3 Videos
OWASP Xenotix XSS Exploit Framework v3: XSS Scanner Module
OWASP Xenotix XSS Exploit Framework v3: XSS Keylogger
OWASP Xenotix XSS Exploit Framework v3: XSS Executable Drive-By
OWASP Xenotix XSS Exploit Framework v3: XSS Reverse Shell
OWASP Xenotix XSS Exploit Framework v3: XSS DDoSer
Version 2 Videos
OWASP Xenotix XSS Exploit Framework Version 2
Involvement in the development of Xenotix is highly encouraged!
Here are some of the ways you can help:
Then please use this form: https://docs.google.com/forms/d/1RpUhQvuHGvPTl7Gi-EXzecidGvJwKpsRaY9-MeXm1ro/viewform
Are you a developer? Do you have some cool ideas to contribute? Get in touch via ajin [DOT] abraham [AT] owasp.org
If you actively contribute to Xenotix then you will be invited to join the project.