LSE top 100LSE top 100XSSER (93)XSSER (93)

Tool and Usage

XXSER leverages the execution of arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload.

Screenshot for XSSER tool review


This tools helps to get from XSS to Remote Code Execution (RCE). Custom tools and payloads integrated with Metasploit's Meterpreter in a highly automated approach can be used.

Usage and audience

XSSER is commonly used for penetration testing or security assessment. Target users for this tool are pentesters and security professionals.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

History and highlights

  • Demoed at Black Hat Europe 2015
  • Demoed at Black Hat Europe 2016

Author and Maintainers

XSSER is under development by Hans-Michael Varbaek.

XSSER alternatives

All alternatives for XSSER

Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.7.5 [2018-03-08]
LicenseCC BY-SA 3.0
Last updatedMarch 11, 2018

Project health

This score is calculated by different factors, like project age, last release date, etc.


GitHub iconXSSER GitHub project

Related terms