Tool and Usage
XXSER leverages the execution of arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload.
This tools helps to get from XSS to Remote Code Execution (RCE). Custom tools and payloads integrated with Metasploit's Meterpreter in a highly automated approach can be used.
Usage and audience
XSSER is commonly used for penetration testing or security assessment. Target users for this tool are pentesters and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
History and highlights
- Demoed at Black Hat Europe 2015
- Demoed at Black Hat Europe 2016