PwnXSS-Automated XSS Vulnerability Scanner Tool in Kali Linux
PwnXSS is a free, open-source tool that we can find on Github. It is specially designed to find cross-site scripting. PwnXSS is written in python. Python 3.7 must be installed on our Kali Linux system. Many websites are vulnerable to cross-site scripting (XSS). This tool simplifies the process of detecting cross-site scripting. PwnXSS works as a scanner. With millions of websites and web apps on the internet, the question arises whether our website is secure or not. Our website's security is extremely important. XSS or Cross-site scripting is a vulnerability which is used to hack websites. This tool makes it simple to identify such vulnerabilities.
Features of PwnXSS
The following are the features of PwnXSS:
Uses of PwnXSS
The following are the uses of PwnXSS:
Installation of PwnXSS Tool in Kali Linux
The following are the steps which we have to follow in order to install the PwnXSS tool in Kali Linux:
Step 1: First, we have to open our Kali Linux terminal and move to Desktop with the help of the following command:
Step 2: Now we are on Desktop, use the following command to create a new directory called pwnxss. The installation of the pwnxss tool will take place in this directory.
Step 3: Now, with the help of the following command, we will move to "pwnxss" directory.
Step 4: Now, we will install the first basic requirement with the help of the following command.
Step 5: Now, we will install the second basic requirement with the help of the following command.
Step 6: Next, we have to install the tool. In order to install the tool, we need to clone the tool from github using the following command.
Step 7: Now, the tool has been downloaded in the pwnxss directory. We will use the below command in order to list out the contents of the tool.
Step 8: While downloading the tool, we notice that a new directory for the pwnxss tool has been created. Use the following command to get to this directory.
Step 9. In order to list out the content of the tool, we will use the below command:
Step 10: The tool's many files can be seen here. We must now provide permission to the tool using the command below.
Step 11: Now, to see the help index of the tool, we will use the following command.
Now the tool has been downloaded appropriately. With the help of this tool, we can effortlessly check the cross-site scripting vulnerabilities of the websites and webapps. Now let's look at some instances of how to use the PwnXSS tool.
Example: python3 pwnxss.py -u https://testphp.vulnweb.com
The tool has started checking cross-site scripting vulnerability. The tool has identified the following vulnerabilities. The tool will keep checking until it finds a vulnerable website, which it will display on the terminal.