LSE toolsLSE toolsXSSER (201)XSSER (201)

Tool and Usage

XXSER leverages the execution of arbitrary code on the web server when an administrative user inadvertently triggers a hidden XSS payload.

Screenshot for XSSER tool review


This tools helps to get from XSS to Remote Code Execution (RCE). Custom tools and payloads integrated with Metasploit's Meterpreter in a highly automated approach can be used.

Usage and audience

XSSER is commonly used for penetration test or security assessment. Target users for this tool are pentesters and security professionals.

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:


  • + The source code of this software is available

History and highlights

  • Demoed at Black Hat Europe 2015
  • Demoed at Black Hat Europe 2016

Author and Maintainers

XSSER is under development by Hans-Michael Varbaek.

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.5.1 [2016-11-13]
License(s)CC BY-SA 3.0
Last updatedNov. 8, 2017

Project health

This score is calculated by different factors, like project age, last release date, etc.


GitHub iconXSSER GitHub project

Related terms